Merged revisions 83599 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r83599 | georg.brandl | 2010-08-02 23:51:18 +0200 (Mo, 02 Aug 2010) | 1 line #9061: warn that single quotes are never escaped. ........
2010-08-02 21:51:51 +00:00 · 2010-08-02 21:51:51 +00:00 · 290142680b
parent 3db92e9494
commit 290142680b
1 changed files with 7 additions and 4 deletions
--- a/Doc/library/cgi.rst
+++ b/Doc/library/cgi.rst
@ -349,10 +349,13 @@ algorithms implemented in this module in other circumstances.
   Convert the characters ``'&'``, ``'<'`` and ``'>'`` in string *s* to HTML-safe
   sequences.  Use this if you need to display text that might contain such
   characters in HTML.  If the optional flag *quote* is true, the quotation mark
-   character (``'"'``) is also translated; this helps for inclusion in an HTML
-   attribute value, as in ``<A HREF="...">``.  If the value to be quoted might
-   include single- or double-quote characters, or both, consider using the
-   :func:`quoteattr` function in the :mod:`xml.sax.saxutils` module instead.
+   character (``"``) is also translated; this helps for inclusion in an HTML
+   attribute value delimited by double quotes, as in ``<a href="...">``.  Note
+   that single quotes are never translated.
+
+   If the value to be quoted might include single- or double-quote characters,
+   or both, consider using the :func:`quoteattr` function in the
+   :mod:`xml.sax.saxutils` module instead.


 .. _cgi-security: