diff --git a/src/pkg/html/template/content.go b/src/pkg/html/template/content.go
index c1bd2e4949b..42ea7930f07 100644
--- a/src/pkg/html/template/content.go
+++ b/src/pkg/html/template/content.go
@@ -47,7 +47,7 @@ type (
 	// JSStr("foo\\nbar") is fine, but JSStr("foo\\\nbar") is not.
 	JSStr string
 
-	// URL encapsulates a known safe URL as defined in RFC 3896.
+	// URL encapsulates a known safe URL or URL substring (see RFC 3986).
 	// A URL like `javascript:checkThatFormNotEditedBeforeLeavingPage()`
 	// from a trusted source should go in the page, but by default dynamic
 	// `javascript:` URLs are filtered out since they are a frequently