summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Lawrence <dkl@mozilla.com>2014-04-18 23:03:43 +0200
committerDavid Lawrence <dkl@mozilla.com>2014-04-18 23:03:43 +0200
commit12f4d7307b930d091e1160a68ace687f13e7a64c (patch)
tree47559881f0d7b97ebc3da1216b27c15108d208df
parentb909fa7d401cc1606f2e9c65a5f3e3ee4199e523 (diff)
downloadbugzilla-12f4d7307b930d091e1160a68ace687f13e7a64c.tar.gz
bugzilla-12f4d7307b930d091e1160a68ace687f13e7a64c.tar.xz
Bug 998323 - URLs pasted in comments are no longer displayed
r=LpSolit,a=justdave
-rw-r--r--Bugzilla/Template.pm25
1 files changed, 11 insertions, 14 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 08999b27a..98be21d55 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -162,13 +162,11 @@ sub quoteUrls {
# (http://foo/bug#3 for example). Filtering that out filters valid
# bug refs out, so we have to do replacements.
# mailto can't contain space or #, so we don't have to bother for that
- # Do this by escaping \0 to \1\0, and replacing matches with \0\0$count\0\0
- # \0 is used because it's unlikely to occur in the text, so the cost of
- # doing this should be very small
-
- # escape the 2nd escape char we're using
- my $chr1 = chr(1);
- $text =~ s/\0/$chr1\0/g;
+ # Do this by replacing matches with \x{FDD2}$count\x{FDD3}
+ # \x{FDDx} is used because it's unlikely to occur in the text
+ # and are reserved unicode characters. We disable warnings for now
+ # until we require Perl 5.13.9 or newer.
+ no warnings 'utf8';
# However, note that adding the title (for buglinks) can affect things
# In particular, attachment matches go before bug titles, so that titles
@@ -195,11 +193,11 @@ sub quoteUrls {
$1, $2, $3, $4,
$5, $6, $7, $8,
$9, $10]}))
- && ("\0\0" . ($count-1) . "\0\0")/egx;
+ && ("\x{FDD2}" . ($count-1) . "\x{FDD3}")/egx;
}
else {
$text =~ s/$match/($things[$count++] = $replace)
- && ("\0\0" . ($count-1) . "\0\0")/egx;
+ && ("\x{FDD2}" . ($count-1) . "\x{FDD3}")/egx;
}
}
@@ -209,7 +207,7 @@ sub quoteUrls {
Bugzilla->params->{'sslbase'})) . ')';
$text =~ s~\b(${urlbase_re}\Qshow_bug.cgi?id=\E([0-9]+)(\#c([0-9]+))?)\b
~($things[$count++] = get_bug_link($3, $1, { comment_num => $5, user => $user })) &&
- ("\0\0" . ($count-1) . "\0\0")
+ ("\x{FDD2}" . ($count-1) . "\x{FDD3}")
~egox;
# non-mailto protocols
@@ -217,7 +215,7 @@ sub quoteUrls {
$text =~ s~\b($safe_protocols)
~($tmp = html_quote($1)) &&
($things[$count++] = "<a href=\"$tmp\">$tmp</a>") &&
- ("\0\0" . ($count-1) . "\0\0")
+ ("\x{FDD2}" . ($count-1) . "\x{FDD3}")
~egox;
# We have to quote now, otherwise the html itself is escaped
@@ -238,7 +236,7 @@ sub quoteUrls {
# attachment links
$text =~ s~\b(attachment\s*\#?\s*(\d+)(?:\s+\[details\])?)
~($things[$count++] = get_attachment_link($2, $1, $user)) &&
- ("\0\0" . ($count-1) . "\0\0")
+ ("\x{FDD2}" . ($count-1) . "\x{FDD3}")
~egmxi;
# Current bug ID this comment belongs to
@@ -268,9 +266,8 @@ sub quoteUrls {
# Now remove the encoding hacks in reverse order
for (my $i = $#things; $i >= 0; $i--) {
- $text =~ s/\0\0($i)\0\0/$things[$i]/eg;
+ $text =~ s/\x{FDD2}($i)\x{FDD3}/$things[$i]/eg;
}
- $text =~ s/$chr1\0/\0/g;
return $text;
}