``literal``. Compatibility should not be a problem; but see the docs if
you encounter any edge cases.
+ - Don't put an "id" attribute on a hidden fields generated by the ``form()``
+ helper, including the magic ``_method`` field. The IDs will clash if there
+ are multiple forms on the page.
*: The HTML builder now uses Armin Ronacher's
+*webhelpers.html: The HTML builder now uses Armin Ronacher's
"MarkupSafe" package, which Mako and Pylons have also switched to. MarkupSafe
has a C speedup for escaping, escapes single-quotes for greater security (to
close a potential XSS attack route), and adds new methods to ``literal``.
*Note*: ``escape_silent`` does not exist yet in MarkupSafe 0.9.3, but
WebHelpers has a fallback.
+*webhelpers.html.tags:* **Don't add an "id" attribute to hidden fields
+generated by the ``form()`` helper**: the IDs clash if there are multiple forms
+on the page. To create a hidden field with an ID, call ``hidden()`` directly.