Fixed a security problem caused by changed simplejson semantics.

Notice: this was never in a release version of Flask.

docs/api.rst

@@ -250,6 +250,8 @@ Returning JSON
             doSomethingWith({{ user.username|tojson|safe }});
         </script>
 
+    Note that the ``|tojson`` filter escapes forward slashes properly.
+
 Template Rendering
 ------------------