From 448aa90482e9ae11ad759ed9cf6f656f4ae1a9ed Mon Sep 17 00:00:00 2001 From: Shubheksha Jalan Date: Fri, 18 Nov 2016 21:09:34 +0530 Subject: [PATCH 1/2] Improved some sections of the introducing JSX docs --- docs/introducing-jsx.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/introducing-jsx.md b/docs/introducing-jsx.md index 75b9a562..7272e6b0 100644 --- a/docs/introducing-jsx.md +++ b/docs/introducing-jsx.md @@ -48,7 +48,7 @@ ReactDOM.render( [Try it on CodePen.](http://codepen.io/gaearon/pen/PGEjdG?editors=0010) -We wrapped JSX in parentheses and split it over multiple lines for readability. This also helps avoid the pitfalls of [automatic semicolon insertion](http://stackoverflow.com/q/2846283). +While it isn't mandatory, when doing this, we also recommend wrapping it in parentheses to avoid the pitfalls of [automatic semicolon insertion](http://stackoverflow.com/q/2846283) ### JSX is an Expression Too @@ -114,7 +114,7 @@ const title = response.potentiallyMaliciousInput; const element =

{title}

; ``` -By default, React DOM escapes any values embedded in JSX before rendering them. +By default, React DOM [escapes](http://stackoverflow.com/questions/7381974/which-characters-need-to-be-escaped-on-html) any values embedded in JSX before rendering them. Thus it ensures that you can never inject anything that's not explicitly written in your application. Everything is converted to a string before being rendered. This helps prevent [XSS (cross-site-scripting)](https://en.wikipedia.org/wiki/Cross-site_scripting) attacks. ### JSX Represents Objects From 5c995eebba86bfbc6fd6a5c66ef50432de195fc1 Mon Sep 17 00:00:00 2001 From: Dan Abramov Date: Fri, 18 Nov 2016 16:20:17 +0000 Subject: [PATCH 2/2] Small nit: add a sentence about readability back --- docs/introducing-jsx.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/introducing-jsx.md b/docs/introducing-jsx.md index 7272e6b0..9b313bad 100644 --- a/docs/introducing-jsx.md +++ b/docs/introducing-jsx.md @@ -48,7 +48,7 @@ ReactDOM.render( [Try it on CodePen.](http://codepen.io/gaearon/pen/PGEjdG?editors=0010) -While it isn't mandatory, when doing this, we also recommend wrapping it in parentheses to avoid the pitfalls of [automatic semicolon insertion](http://stackoverflow.com/q/2846283) +We split JSX over multiple lines for readability. While it isn't mandatory, when doing this, we also recommend wrapping it in parentheses to avoid the pitfalls of [automatic semicolon insertion](http://stackoverflow.com/q/2846283). ### JSX is an Expression Too
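Review bot: In the `@@ -48,7 +48,7 @@` hunk of PATCH 1/2, the added sentence opens with "when doing this", but the line it replaces was the only one saying the JSX was split over multiple lines, so "this" has no antecedent left. The added line also drops the period after the automatic semicolon insertion link. Suggest keeping a short sentence about splitting JSX across lines ahead of the recommendation and ending the line with a period; PATCH 2/2 in this series makes both changes.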
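Review bot: In the `@@ -114,7 +114,7 @@` hunk of PATCH 1/2, "you can never inject anything that's not explicitly written in your application" promises more than the sentence before it establishes, which is only that values embedded in JSX are escaped before rendering. Suggest scoping the claim to those embedded values, so that it matches the "helps prevent" strength of the closing XSS sentence. "Everything is converted to a string before being rendered" is the reason for the "Thus" conclusion but comes after it; moving it ahead of the "Thus" sentence would let the conclusion follow from its premise. The hyphenation in "cross-site-scripting" also differs from the linked article's own title, "Cross-site scripting".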
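Review bot: In the added line of PATCH 2/2, "While it isn't mandatory, when doing this, we also recommend wrapping it in parentheses" uses "it" for two different things and stacks two introductory clauses, so the reader has to work out that the second "it" means the JSX. Suggest naming the object and using a single qualifier, along the lines of "Although not required, we also recommend wrapping multi-line JSX in parentheses to avoid the pitfalls of automatic semicolon insertion." The restored readability sentence and the trailing period look right.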