diff options
author | justdave%syndicomm.com <> | 2001-05-10 11:53:21 +0200 |
---|---|---|
committer | justdave%syndicomm.com <> | 2001-05-10 11:53:21 +0200 |
commit | 12ec69f9666726f8751901cac9470ec8bb85eb9b (patch) | |
tree | b06188d2c765205d0c3d69593a52710565d0548a /CGI.pl | |
parent | 47bffcac295be86c9614f08239444b69fd739861 (diff) | |
download | bugzilla-12ec69f9666726f8751901cac9470ec8bb85eb9b.tar.gz bugzilla-12ec69f9666726f8751901cac9470ec8bb85eb9b.tar.xz |
Fix for bug 38855: showvotes.cgi needs to escape (untrusted) url params
Patch by Myke Melez <myk@mozilla.org>
r= jake@acutex.net
Diffstat (limited to 'CGI.pl')
-rw-r--r-- | CGI.pl | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -963,6 +963,20 @@ sub PutFooter { } +sub DisplayError { + my ($message, $title) = (@_); + $title ||= "Error"; + + print "Content-type: text/html\n\n"; + PutHeader($title); + + print PerformSubsts( Param("errorhtml") , {errormsg => $message} ); + + PutFooter(); + + return 1; +} + sub PuntTryAgain ($) { my ($str) = (@_); print PerformSubsts(Param("errorhtml"), |