diff options
author | Matt Tyson <mtyson@redhat.com> | 2012-11-13 07:26:41 +0100 |
---|---|---|
committer | Byron Jones <bjones@mozilla.com> | 2012-11-13 07:26:41 +0100 |
commit | 8ceb5a0bf4540f9c1389bccfc62764f4eee8e5a4 (patch) | |
tree | 90ee3d06c26f9f74c0b91a47396d6d4bfd11b775 | |
parent | 2a6f7d4663dfc5cb00c1bb8b8d8139869a22d461 (diff) | |
download | bugzilla-8ceb5a0bf4540f9c1389bccfc62764f4eee8e5a4.tar.gz bugzilla-8ceb5a0bf4540f9c1389bccfc62764f4eee8e5a4.tar.xz |
But 800196: Sanitise line-endings for textarea fields
r=glob, a=LpSolit
https://bugzilla.mozilla.org/show_bug.cgi?id=800196
-rw-r--r-- | Bugzilla/Bug.pm | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm index 3b14c4cb2..4a1723754 100644 --- a/Bugzilla/Bug.pm +++ b/Bugzilla/Bug.pm @@ -152,6 +152,9 @@ sub VALIDATORS { elsif ($field->type == FIELD_TYPE_BUG_ID) { $validator = \&_check_bugid_field; } + elsif ($field->type == FIELD_TYPE_TEXTAREA) { + $validator = \&_check_textarea_field; + } else { $validator = \&_check_default_field; } @@ -2022,6 +2025,19 @@ sub _check_bugid_field { return $checked_id; } +sub _check_textarea_field { + my ($invocant, $text, $field) = @_; + + $text = (defined $text) ? trim($text) : ''; + + # Web browsers submit newlines as \r\n. + # Sanitize all input to match the web standard. + # XMLRPC input could be either \n or \r\n + $text =~ s/\r?\n/\r\n/g; + + return $text; +} + sub _check_relationship_loop { # Generates a dependency tree for a given bug. Calls itself recursively # to generate sub-trees for the bug's dependencies. |