Bug 1254675 - bug_modal template fails to escape format parameter

author: David Lawrence <dkl@mozilla.com> 2016-03-10 04:11:41 +0100
committer: David Lawrence <dkl@mozilla.com> 2016-03-10 04:11:48 +0100
commit: ad2b169b0b40aa53bfacb8a7cfb89631134a865d (patch)
tree: 189605b47cac1b5ac25e413f425629b61f6cf1c3
parent: 0b7cd97e2e75eabee69d663530912e57dd715213 (diff)
download: bugzilla-ad2b169b0b40aa53bfacb8a7cfb89631134a865d.tar.gz
bugzilla-ad2b169b0b40aa53bfacb8a7cfb89631134a865d.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/extensions/BugModal/template/en/default/bug_modal/edit.html.tmpl b/extensions/BugModal/template/en/default/bug_modal/edit.html.tmpl
index 9b6e0ebd4..25f785a9d 100644
--- a/extensions/BugModal/template/en/default/bug_modal/edit.html.tmpl
+++ b/extensions/BugModal/template/en/default/bug_modal/edit.html.tmpl
@@ -167,7 +167,7 @@
     %]
       <div id="field-value-bug_id">
         <a id="this-bug" href="show_bug.cgi?id=[% bug.id FILTER none %]
-                [%~ '&amp;format=' _ cgi.param("format") IF cgi.param("format") %]"
+                [%~ '&amp;format=' _ cgi.param("format") FILTER uri IF cgi.param("format") %]"
         >
           [%~ terms.Bug _ " " _ bug.id FILTER none ~%]
         </a>
author	David Lawrence <dkl@mozilla.com>	2016-03-10 04:11:41 +0100
committer	David Lawrence <dkl@mozilla.com>	2016-03-10 04:11:48 +0100
commit	ad2b169b0b40aa53bfacb8a7cfb89631134a865d (patch)
tree	189605b47cac1b5ac25e413f425629b61f6cf1c3
parent	0b7cd97e2e75eabee69d663530912e57dd715213 (diff)
download	bugzilla-ad2b169b0b40aa53bfacb8a7cfb89631134a865d.tar.gz bugzilla-ad2b169b0b40aa53bfacb8a7cfb89631134a865d.tar.xz