authorByron Jones <bjones@mozilla.com>2011-11-16 06:40:01 +0100
committerByron Jones <bjones@mozilla.com>2011-11-16 06:40:01 +0100
commit0c92404c31069a71099ec6a4b5dc151d453f6bc5 (patch)
tree4a7b59200116ac4c5fa6d7a7894fcd8a967e2fc4 /extensions/InlineHistory
parenteec86341ab238905781728c178d971ab6928a0f3 (diff)
Bug 702695: display unsafe-url warning on inline-history urls
Diffstat (limited to 'extensions/InlineHistory')
-rw-r--r--extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl8
-rw-r--r--extensions/InlineHistory/web/inline-history.js6
2 files changed, 12 insertions, 2 deletions
diff --git a/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl b/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl
index 261f5b3fd..dffec1d28 100644
--- a/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl
+++ b/extensions/InlineHistory/template/en/default/hook/bug/comments-aftercomments.html.tmpl
@@ -136,8 +136,12 @@
[% PROCESS formattimeunit time_unit = value FILTER html FILTER js %]
[% ELSIF change.buglist %]
[% value FILTER bug_list_link FILTER js %]
- [% ELSIF change.fieldname == 'bug_file_loc' ||
- change.fieldname == 'see_also' %]
+ [% ELSIF change.fieldname == 'bug_file_loc' %]
+ [%~%]<a href="[% value FILTER html FILTER js %]" target="_blank"
+ [%~ ' onclick="return inline_history.confirmUnsafeUrl(this.href)"'
+ UNLESS is_safe_url(value) %]>
+ [%~%][% value FILTER html FILTER js %]</a>
+ [% ELSIF change.fieldname == 'see_also' %]
[%~%]<a href="[% value FILTER html FILTER js %]" target="_blank">
[%~%][% value FILTER html FILTER js %]</a>
[% ELSIF change.fieldname == 'assigned_to' ||
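Review bot: The `onclick` guard added to the `bug_file_loc` anchor only intercepts an ordinary click, while the value that failed `is_safe_url` is still emitted as a live `href`, so opening the link from the context menu or by middle-click would typically never call `confirmUnsafeUrl`. If the warning is meant as a control rather than a hint, consider emitting the anchor only for safe values and showing unsafe ones as plain text, e.g. wrapping the `<a …>` and `</a>` parts in `[% IF is_safe_url(value) %] … [% END %]`. The `see_also` branch keeps an unguarded link, which is fine only if those values are restricted to known schemes when they are stored; that is not visible here, so a short template comment such as `[%# see_also values are validated on input, no is_safe_url check needed %]` would record the assumption. The IF/ELSIF chain starts and ends outside this hunk.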
diff --git a/extensions/InlineHistory/web/inline-history.js b/extensions/InlineHistory/web/inline-history.js
index 40f208d57..a6655e10b 100644
--- a/extensions/InlineHistory/web/inline-history.js
+++ b/extensions/InlineHistory/web/inline-history.js
@@ -368,6 +368,12 @@ var inline_history = {
ul.appendChild(li);
},
+ confirmUnsafeUrl: function(url) {
+ return confirm(
+ 'This is considered an unsafe URL and could possibly be harmful.\n'
+ + 'The full URL is:\n\n' + url + '\n\nContinue?');
+ },
+
previousElementSibling: function(el) {
if (el.previousElementSibling)
return el.previousElementSibling;
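Review bot: `confirmUnsafeUrl` concatenates the whole URL into the dialog text with no length cap, so a very long value can produce a dialog in which the part the user needs to judge is cut off or the "Continue?" prompt is hard to find. Consider capping what is displayed, for example `var shown = url.length > 200 ? url.substr(0, 200) + '...' : url;`, and using `shown` in the message. The method also has no comment stating its contract; something like `// Returns true when the user accepts the warning; used as an onclick return value, so false cancels the navigation.` would make the template's `return inline_history.confirmUnsafeUrl(this.href)` easier to follow. The enclosing `inline_history` object and `previousElementSibling` both extend outside this hunk.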