Bug 1252445 - Tracking flags configuration is vulnerable to CSRF and causes persistent XSS

author: David Lawrence <dkl@mozilla.com> 2016-03-08 15:26:33 +0100
committer: David Lawrence <dkl@mozilla.com> 2016-03-08 15:26:44 +0100
commit: 02aa6ce0a7cd9ef14079a5ee22c175ff9d16ed58 (patch)
tree: d262348a346399b483951c41ec77e6e7017ca682 /extensions/BugModal/template
parent: 0a9f0581b3c8199476a3b8237c192947014f921a (diff)
download: bugzilla-02aa6ce0a7cd9ef14079a5ee22c175ff9d16ed58.tar.gz
bugzilla-02aa6ce0a7cd9ef14079a5ee22c175ff9d16ed58.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/extensions/BugModal/template/en/default/bug_modal/header.html.tmpl b/extensions/BugModal/template/en/default/bug_modal/header.html.tmpl
index f70e77bb1..84efbd077 100644
--- a/extensions/BugModal/template/en/default/bug_modal/header.html.tmpl
+++ b/extensions/BugModal/template/en/default/bug_modal/header.html.tmpl
@@ -77,7 +77,8 @@
   [%# add tracking flags json if available %]
   [% IF tracking_flags %]
     [% javascript_urls.push("extensions/TrackingFlags/web/js/tracking_flags.js") %]
-    TrackingFlags = [% tracking_flags_json FILTER none %];
+    var tracking_flags_str = "[% tracking_flags_json FILTER js %]";
+    var TrackingFlags = $.parseJSON(tracking_flags_str);
   [% END %]
 
   [%# update last-visited %]
author	David Lawrence <dkl@mozilla.com>	2016-03-08 15:26:33 +0100
committer	David Lawrence <dkl@mozilla.com>	2016-03-08 15:26:44 +0100
commit	02aa6ce0a7cd9ef14079a5ee22c175ff9d16ed58 (patch)
tree	d262348a346399b483951c41ec77e6e7017ca682 /extensions/BugModal/template
parent	0a9f0581b3c8199476a3b8237c192947014f921a (diff)
download	bugzilla-02aa6ce0a7cd9ef14079a5ee22c175ff9d16ed58.tar.gz bugzilla-02aa6ce0a7cd9ef14079a5ee22c175ff9d16ed58.tar.xz