Bug 1140798: Possible client side code injection in "suggested reviewers" menu.

author: Tooru Fujisawa <arai.unmht@gmail.com> 2015-03-09 17:13:32 +0100
committer: David Lawrence <dkl@mozilla.com> 2015-03-09 17:13:32 +0100
commit: b199f4960471ec9156f9c1ae2f165159d80f30df (patch)
tree: d57310b5ab6cba3aa304d768a9f61949dff983c8 /js
parent: 0d3b1ca0fd50904a994196bb8b0b9021ea11a414 (diff)
download: bugzilla-b199f4960471ec9156f9c1ae2f165159d80f30df.tar.gz
bugzilla-b199f4960471ec9156f9c1ae2f165159d80f30df.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/js/jquery/plugins/contextMenu/contextMenu-min.js b/js/jquery/plugins/contextMenu/contextMenu-min.js
index 2db092acc..3f6ce1938 100644
--- a/js/jquery/plugins/contextMenu/contextMenu-min.js
+++ b/js/jquery/plugins/contextMenu/contextMenu-min.js
@@ -62,7 +62,7 @@ $currentTrigger=null;opt.$menu.find('.hover').trigger('contextmenu:blur');opt.$s
 return true;}});}
 setTimeout(function(){$trigger.trigger('contextmenu:hidden');},10);});},create:function(opt,root){if(root===undefined){root=opt;}
 opt.$menu=$('<ul class="context-menu-list"></ul>').addClass(opt.className||"").data({'contextMenu':opt,'contextMenuRoot':root});$.each(['callbacks','commands','inputs'],function(i,k){opt[k]={};if(!root[k]){root[k]={};}});root.accesskeys||(root.accesskeys={});$.each(opt.items,function(key,item){var $t=$('<li class="context-menu-item"></li>').addClass(item.className||""),$label=null,$input=null;$t.on('click',$.noop);item.$node=$t.data({'contextMenu':opt,'contextMenuRoot':root,'contextMenuKey':key});if(item.accesskey){var aks=splitAccesskey(item.accesskey);for(var i=0,ak;ak=aks[i];i++){if(!root.accesskeys[ak]){root.accesskeys[ak]=item;item._name=item.name.replace(new RegExp('('+ak+')','i'),'<span class="context-menu-accesskey">$1</span>');break;}}}
-if(typeof item=="string"){$t.addClass('context-menu-separator not-selectable');}else if(item.type&&types[item.type]){types[item.type].call($t,item,opt,root);$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});}else{if(item.type=='html'){$t.addClass('context-menu-html not-selectable');}else if(item.type){$label=$('<label></label>').appendTo($t);$('<span></span>').html(item._name||item.name).appendTo($label);$t.addClass('context-menu-input');opt.hasTypes=true;$.each([opt,root],function(i,k){k.commands[key]=item;k.inputs[key]=item;});}else if(item.items){item.type='sub';}
+if(typeof item=="string"){$t.addClass('context-menu-separator not-selectable');}else if(item.type&&types[item.type]){types[item.type].call($t,item,opt,root);$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});}else{if(item.type=='html'){$t.addClass('context-menu-html not-selectable');}else if(item.type){$label=$('<label></label>').appendTo($t);$('<span></span>').text(item._name||item.name).appendTo($label);$t.addClass('context-menu-input');opt.hasTypes=true;$.each([opt,root],function(i,k){k.commands[key]=item;k.inputs[key]=item;});}else if(item.items){item.type='sub';}
 switch(item.type){case'text':$input=$('<input type="text" value="1" name="" value="">')
 .attr('name','context-menu-input-'+key)
 .val(item.value||"")
@@ -81,7 +81,7 @@ break;case'checkbox':$input=$('<input type="checkbox" value="1" name="" value=""
 .prependTo($label);break;case'select':$input=$('<select name="">')
 .attr('name','context-menu-input-'+key)
 .appendTo($label);if(item.options){$.each(item.options,function(value,text){$('<option></option>').val(value).text(text).appendTo($input);});$input.val(item.selected);}
-break;case'sub':$('<span></span>').html(item._name||item.name).appendTo($t);item.appendTo=item.$node;op.create(item,root);$t.data('contextMenu',item).addClass('context-menu-submenu');item.callback=null;break;case'html':$(item.html).appendTo($t);break;default:$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});$('<span></span>').html(item._name||item.name||"").appendTo($t);break;}
+break;case'sub':$('<span></span>').text(item._name||item.name).appendTo($t);item.appendTo=item.$node;op.create(item,root);$t.data('contextMenu',item).addClass('context-menu-submenu');item.callback=null;break;case'html':$(item.html).appendTo($t);break;default:$.each([opt,root],function(i,k){k.commands[key]=item;if($.isFunction(item.callback)){k.callbacks[key]=item.callback;}});$('<span></span>').text(item._name||item.name||"").appendTo($t);break;}
 if(item.type&&item.type!='sub'&&item.type!='html'){$input
 .on('focus',handle.focusInput)
 .on('blur',handle.blurInput);if(item.events){$input.on(item.events,opt);}}
author	Tooru Fujisawa <arai.unmht@gmail.com>	2015-03-09 17:13:32 +0100
committer	David Lawrence <dkl@mozilla.com>	2015-03-09 17:13:32 +0100
commit	b199f4960471ec9156f9c1ae2f165159d80f30df (patch)
tree	d57310b5ab6cba3aa304d768a9f61949dff983c8 /js
parent	0d3b1ca0fd50904a994196bb8b0b9021ea11a414 (diff)
download	bugzilla-b199f4960471ec9156f9c1ae2f165159d80f30df.tar.gz bugzilla-b199f4960471ec9156f9c1ae2f165159d80f30df.tar.xz