Re: urlize insufficient escaping with autoescape

2007-11-16 Thread Malcolm Tredinnick
On Fri, 2007-11-16 at 13:26 -0800, ScottB wrote:
> Hi.
>
> It seems the urlize filter marks its output as safe, but the
> django.utils.html.urlize function on which it depends is only escaping
> the content of the "a" element (i.e. the text between and ).
>
> Any other text passed to the filte

urlize insufficient escaping with autoescape

2007-11-16 Thread ScottB
Hi. It seems the urlize filter marks its output as safe, but the django.utils.html.urlize function on which it depends is only escaping the content of the "a" element (i.e. the text between and ). Any other text passed to the filter is not escaped. Also the url inserted in the href attribute i