diff options
| author | justdave%syndicomm.com <> | 2003-09-18 07:12:56 +0200 |
|---|---|---|
| committer | justdave%syndicomm.com <> | 2003-09-18 07:12:56 +0200 |
| commit | 0ca55bd31d48436feabd6ad474eb2900c937e768 (patch) | |
| tree | 9b29fa0090a9a9e99849079c1ff01aa611b17245 | |
| parent | 5852e76888924d197ae0a2322ce27b506c46b900 (diff) | |
| download | bugzilla-0ca55bd31d48436feabd6ad474eb2900c937e768.tar.gz bugzilla-0ca55bd31d48436feabd6ad474eb2900c937e768.tar.xz | |
Bug 219216: Javascript improperly using FILTER html instead of FILTER js causing data with @ produced by javascript to show up as @
r=timeless, a=justdave
| -rw-r--r-- | Bugzilla/Template.pm | 1 | ||||
| -rw-r--r-- | template/en/default/bug/create/create.html.tmpl | 4 |
2 files changed, 3 insertions, 2 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index f3e3685f7..f9342e11f 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -194,6 +194,7 @@ sub create { $var =~ s/([\\\'\"])/\\$1/g; $var =~ s/\n/\\n/g; $var =~ s/\r/\\r/g; + $var =~ s/\@/\\x40/g; # anti-spam for email addresses return $var; }, diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl index b15efffac..507324bf7 100644 --- a/template/en/default/bug/create/create.html.tmpl +++ b/template/en/default/bug/create/create.html.tmpl @@ -33,8 +33,8 @@ var default_owners = new Array([% component_.size %]); var components = new Array([% component_.size %]); [% count = 0 %] [%- FOREACH c = component_ %] - components[[% count %]] = "[% c.name FILTER html %]"; - default_owners[[% count %]] = "[% c.default_login FILTER html %]"; + components[[% count %]] = "[% c.name FILTER js %]"; + default_owners[[% count %]] = "[% c.default_login FILTER js %]"; [% count = count + 1 %] [%- END %] var last_default_owner; |