Merge branch '1.0-maintenance'

docs/api.rst

@@ -312,10 +312,10 @@ JSON module:
     as string.
 
 The :func:`~htmlsafe_dumps` function of this json module is also available
-as filter called ``|tojson`` in Jinja2.  Note that inside ``script``
-tags no escaping must take place, so make sure to disable escaping
-with ``|safe`` if you intend to use it inside ``script`` tags unless
-you are using Flask 0.10 which implies that:
+as a filter called ``|tojson`` in Jinja2.  Note that in versions of Flask prior
+to Flask 0.10, you must disable escaping with ``|safe`` if you intend to use
+``|tojson`` output inside ``script`` tags. In Flask 0.10 and above, this
+happens automatically (but it's harmless to include ``|safe`` anyway).
 
 .. sourcecode:: html+jinja
 

docs/blueprints.rst

@@ -75,11 +75,12 @@ implement a blueprint that does simple rendering of static templates::
             abort(404)
 
 When you bind a function with the help of the ``@simple_page.route``
-decorator the blueprint will record the intention of registering the
-function `show` on the application when it's later registered.
+decorator, the blueprint will record the intention of registering the
+function ``show`` on the application when it's later registered.
 Additionally it will prefix the endpoint of the function with the
 name of the blueprint which was given to the :class:`Blueprint`
-constructor (in this case also ``simple_page``).
+constructor (in this case also ``simple_page``). The blueprint's name
+does not modify the URL, only the endpoint.
 
 Registering Blueprints
 ----------------------

docs/installation.rst

@@ -91,12 +91,12 @@ On Windows:
 
     $ py -3 -m venv venv
 
-If you needed to install virtualenv because you are on an older version of
-Python, use the following command instead:
+If you needed to install virtualenv because you are using Python 2, use
+the following command instead:
 
 .. code-block:: sh
 
-    $ virtualenv venv
+    $ python2 -m virtualenv venv
 
 On Windows:
 

docs/templating.rst

@@ -110,16 +110,25 @@ by Jinja2 itself:
    is for example very helpful if you try to generate JavaScript on the
    fly.
 
-   Note that inside ``script`` tags no escaping must take place, so make
-   sure to disable escaping with ``|safe`` before Flask 0.10 if you intend
-   to use it inside ``script`` tags:
-
    .. sourcecode:: html+jinja
 
        <script type=text/javascript>
-           doSomethingWith({{ user.username|tojson|safe }});
+           doSomethingWith({{ user.username|tojson }});
        </script>
 
+   It is also safe to use the output of `|tojson` in a *single-quoted* HTML
+   attribute:
+
+   .. sourcecode:: html+jinja
+
+       <button onclick='doSomethingWith({{ user.username|tojson }})'>
+           Click me
+       </button>
+
+   Note that in versions of Flask prior to 0.10, if using the output of
+   ``|tojson`` inside ``script``, make sure to disable escaping with ``|safe``.
+   In Flask 0.10 and above, this happens automatically.
+
 Controlling Autoescaping
 ------------------------
 

docs/tutorial/blog.rst

@@ -314,7 +314,7 @@ Delete
 
 The delete view doesn't have its own template, the delete button is part
 of ``update.html`` and posts to the ``/<id>/delete`` URL. Since there
-is no template, it will only handle the ``POST`` method then redirect
+is no template, it will only handle the ``POST`` method and then redirect
 to the ``index`` view.
 
 .. code-block:: python

docs/tutorial/database.rst

@@ -149,7 +149,7 @@ Register with the Application
 -----------------------------
 
 The ``close_db`` and ``init_db_command`` functions need to be registered
-with the application instance, otherwise they won't be used by the
+with the application instance; otherwise, they won't be used by the
 application. However, since you're using a factory function, that
 instance isn't available when writing the functions. Instead, write a
 function that takes an application and does the registration.