diff options
author | Max Kanat-Alexander <mkanat@bugzilla.org> | 2010-05-19 19:20:09 +0200 |
---|---|---|
committer | Max Kanat-Alexander <mkanat@bugzilla.org> | 2010-05-19 19:20:09 +0200 |
commit | 401b0d1301cf419ff40d7cb82d2763b13accd26a (patch) | |
tree | 6f88f573c4cdae792ff04cc5c4510c0587540f7e /Bugzilla | |
parent | 4095f06769a8fb3ce0878209508a6f129b099d91 (diff) | |
download | bugzilla-401b0d1301cf419ff40d7cb82d2763b13accd26a.tar.gz bugzilla-401b0d1301cf419ff40d7cb82d2763b13accd26a.tar.xz |
Bug 565899: Make the html_linebreak filter safe by having it first call the
"html" filter
r=LpSolit, a=LpSolit
Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/Template.pm | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index 71370a8c1..274ed8847 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -532,6 +532,7 @@ sub create { # See bugs 4928, 22983 and 32000 for more details html_linebreak => sub { my ($var) = @_; + $var = html_quote($var); $var =~ s/\r\n/\
/g; $var =~ s/\n\r/\
/g; $var =~ s/\r/\
/g; |