From: Georg Brandl Date: Mon, 2 Aug 2010 21:51:51 +0000 (+0000) Subject: Merged revisions 83599 via svnmerge from X-Git-Tag: v2.7.1rc1~480 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=290142680b6d5792ef9e0d37d673e6b72d4690d2;p=python Merged revisions 83599 via svnmerge from svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r83599 | georg.brandl | 2010-08-02 23:51:18 +0200 (Mo, 02 Aug 2010) | 1 line #9061: warn that single quotes are never escaped. ........ --- diff --git a/Doc/library/cgi.rst b/Doc/library/cgi.rst index efee71119f..f0c0a075f5 100644 --- a/Doc/library/cgi.rst +++ b/Doc/library/cgi.rst @@ -349,10 +349,13 @@ algorithms implemented in this module in other circumstances. Convert the characters ``'&'``, ``'<'`` and ``'>'`` in string *s* to HTML-safe sequences. Use this if you need to display text that might contain such characters in HTML. If the optional flag *quote* is true, the quotation mark - character (``'"'``) is also translated; this helps for inclusion in an HTML - attribute value, as in ````. If the value to be quoted might - include single- or double-quote characters, or both, consider using the - :func:`quoteattr` function in the :mod:`xml.sax.saxutils` module instead. + character (``"``) is also translated; this helps for inclusion in an HTML + attribute value delimited by double quotes, as in ````. Note + that single quotes are never translated. + + If the value to be quoted might include single- or double-quote characters, + or both, consider using the :func:`quoteattr` function in the + :mod:`xml.sax.saxutils` module instead. .. _cgi-security: