aboutsummaryrefslogtreecommitdiffstats
path: root/book/src
diff options
context:
space:
mode:
authorLibravatar AndrolGenhald <AndrolGenhald@gmail.com>2022-11-03 21:26:34 -0500
committerLibravatar Dirkjan Ochtman <dirkjan@ochtman.nl>2022-11-07 11:05:58 +0100
commit40b6f348d9e23ee1d2f7e4597a11bedb6325dc7e (patch)
tree341ef57062449039879f784dba1b7ae7c9409f23 /book/src
parent1b18bab91ba773425e521abc276a1278e0d61f3c (diff)
downloadaskama-40b6f348d9e23ee1d2f7e4597a11bedb6325dc7e.tar.gz
askama-40b6f348d9e23ee1d2f7e4597a11bedb6325dc7e.tar.bz2
askama-40b6f348d9e23ee1d2f7e4597a11bedb6325dc7e.zip
Fix some minor issues in escape documentation.
Diffstat (limited to '')
-rw-r--r--book/src/template_syntax.md4
1 files changed, 2 insertions, 2 deletions
diff --git a/book/src/template_syntax.md b/book/src/template_syntax.md
index 23b5dea..d270800 100644
--- a/book/src/template_syntax.md
+++ b/book/src/template_syntax.md
@@ -155,12 +155,12 @@ or `xml`. When specifying a template as `source` in an attribute, the
you can specify an escape mode explicitly for your template by setting
the `escape` attribute parameter value (to `none` or `html`).
-Askama escapes `<`, `>`, `&`, `"`, `'`, `\` and `/`, according to the
+Askama escapes `<`, `>`, `&`, `"`, and `'`, according to the
[OWASP escaping recommendations][owasp]. Use the `safe` filter to
prevent escaping for a single expression, or the `escape` (or `e`)
filter to escape a single expression in an unescaped context.
-[owasp]: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content
+[owasp]: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html#output-encoding-for-html-contexts
```rust
#[derive(Template)]