summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatt Tyson <mtyson@redhat.com>2012-11-13 07:26:41 +0100
committerByron Jones <bjones@mozilla.com>2012-11-13 07:26:41 +0100
commit8ceb5a0bf4540f9c1389bccfc62764f4eee8e5a4 (patch)
tree90ee3d06c26f9f74c0b91a47396d6d4bfd11b775
parent2a6f7d4663dfc5cb00c1bb8b8d8139869a22d461 (diff)
downloadbugzilla-8ceb5a0bf4540f9c1389bccfc62764f4eee8e5a4.tar.gz
bugzilla-8ceb5a0bf4540f9c1389bccfc62764f4eee8e5a4.tar.xz
But 800196: Sanitise line-endings for textarea fields
r=glob, a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=800196
-rw-r--r--Bugzilla/Bug.pm16
1 files changed, 16 insertions, 0 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 3b14c4cb2..4a1723754 100644
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -152,6 +152,9 @@ sub VALIDATORS {
elsif ($field->type == FIELD_TYPE_BUG_ID) {
$validator = \&_check_bugid_field;
}
+ elsif ($field->type == FIELD_TYPE_TEXTAREA) {
+ $validator = \&_check_textarea_field;
+ }
else {
$validator = \&_check_default_field;
}
@@ -2022,6 +2025,19 @@ sub _check_bugid_field {
return $checked_id;
}
+sub _check_textarea_field {
+ my ($invocant, $text, $field) = @_;
+
+ $text = (defined $text) ? trim($text) : '';
+
+ # Web browsers submit newlines as \r\n.
+ # Sanitize all input to match the web standard.
+ # XMLRPC input could be either \n or \r\n
+ $text =~ s/\r?\n/\r\n/g;
+
+ return $text;
+}
+
sub _check_relationship_loop {
# Generates a dependency tree for a given bug. Calls itself recursively
# to generate sub-trees for the bug's dependencies.