--- a/app/django/template/defaultfilters.py	Tue Oct 14 12:36:55 2008 +0000
+++ b/app/django/template/defaultfilters.py	Tue Oct 14 16:00:59 2008 +0000
@@ -62,20 +62,24 @@
 capfirst.is_safe=True
 capfirst = stringfilter(capfirst)
 
-_js_escapes = (
-    ('\\', '\\\\'),
-    ('"', '\\"'),
-    ("'", "\\'"),
-    ('\n', '\\n'),
-    ('\r', '\\r'),
-    ('\b', '\\b'),
-    ('\f', '\\f'),
-    ('\t', '\\t'),
-    ('\v', '\\v'),
-    ('</', '<\\/'),
+_base_js_escapes = (
+    ('\\', r'\x5C'),
+    ('\'', r'\x27'),
+    ('"', r'\x22'),
+    ('>', r'\x3E'),
+    ('<', r'\x3C'),
+    ('&', r'\x26'),
+    ('=', r'\x3D'),
+    ('-', r'\x2D'),
+    (';', r'\x3B')
 )
+
+# Escape every ASCII character with a value less than 32.
+_js_escapes = (_base_js_escapes +
+               tuple([('%c' % z, '\\x%02X' % z) for z in range(32)]))
+
 def escapejs(value):
-    """Backslash-escapes characters for use in JavaScript strings."""
+    """Hex encodes characters for use in JavaScript strings."""
     for bad, good in _js_escapes:
         value = value.replace(bad, good)
     return value
@@ -642,20 +646,24 @@
     from django.utils.timesince import timesince
     if not value:
         return u''
-    if arg:
-        return timesince(arg, value)
-    return timesince(value)
+    try:
+        if arg:
+            return timesince(value, arg)
+        return timesince(value)
+    except (ValueError, TypeError):
+        return u''
 timesince.is_safe = False
 
 def timeuntil(value, arg=None):
     """Formats a date as the time until that date (i.e. "4 days, 6 hours")."""
-    from django.utils.timesince import timesince
+    from django.utils.timesince import timeuntil
     from datetime import datetime
     if not value:
         return u''
-    if arg:
-        return timesince(arg, value)
-    return timesince(datetime.now(), value)
+    try:
+        return timeuntil(value, arg)
+    except (ValueError, TypeError):
+        return u''
 timeuntil.is_safe = False
 
 ###################