From b51adcbaf3c014e8b4f7a07fe94e117f3c056599 Mon Sep 17 00:00:00 2001 From: "mozilla%colinogilvie.co.uk" Date: Fri, 4 Apr 2008 06:52:00 +0000 Subject: [PATCH] Docs fixes for Bug 298827: builtin or built-in and Bug 298832: ie (sp) Patch by Frank Wein , r=me git-svn-id: svn://10.0.0.236/trunk@249348 18797224-902f-48f8-a5cc-f745e15eee43 --- mozilla/webtools/bugzilla/docs/en/xml/customization.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mozilla/webtools/bugzilla/docs/en/xml/customization.xml b/mozilla/webtools/bugzilla/docs/en/xml/customization.xml index 1eef1667373..49b73319e24 100644 --- a/mozilla/webtools/bugzilla/docs/en/xml/customization.xml +++ b/mozilla/webtools/bugzilla/docs/en/xml/customization.xml @@ -153,7 +153,7 @@ to properly HTML filter data that has been passed into the template. This means that if the data can possibly contain special HTML characters such as <, and the data was not intended to be HTML, they need to be - converted to entity form, ie &lt;. You use the 'html' filter in the + converted to entity form, i.e. &lt;. You use the 'html' filter in the Template Toolkit to do this. If you forget, you may open up your installation to cross-site scripting attacks. @@ -162,7 +162,7 @@ Also note that Bugzilla adds a few filters of its own, that are not in standard Template Toolkit. In particular, the 'url_quote' filter can convert characters that are illegal or have special meaning in URLs, - such as &, to the encoded form, ie %26. This actually encodes most + such as &, to the encoded form, i.e. %26. This actually encodes most characters (but not the common ones such as letters and numbers and so on), including the HTML-special characters, so there's never a need to HTML filter afterwards.