Bug 1163393: XSS in the new jQuery autocomplete code

r=dkl,a=glob
author: Byron Jones <glob@mozilla.com> 2015-05-12 05:20:37 +0200
committer: Byron Jones <glob@mozilla.com> 2015-05-12 05:20:37 +0200
commit: 7f3cc6428c61dde8afbbe4ba6f7a50728af2449a (patch)
tree: d8005ca6e6d6aee8cf35e95a137497a216d4c909 /js
parent: bd41649cf11a5bd06ba07ac46ed5795f2adb1978 (diff)
download: bugzilla-7f3cc6428c61dde8afbbe4ba6f7a50728af2449a.tar.gz
bugzilla-7f3cc6428c61dde8afbbe4ba6f7a50728af2449a.tar.xz
1 files changed, 6 insertions, 2 deletions
diff --git a/js/field.js b/js/field.js
index f55852671..5a48db471 100644
--- a/js/field.js
+++ b/js/field.js
@@ -844,8 +844,12 @@ $(function() {
             };
         },
         formatResult: function(suggestion, currentValue) {
-            return suggestion.data.name === '' ?
-                suggestion.data.login : suggestion.data.name + ' (' + suggestion.data.login + ')';
+            return (suggestion.data.name === '' ?
+                suggestion.data.login : suggestion.data.name + ' (' + suggestion.data.login + ')')
+                .replace(/&/g, '&amp;')
+                .replace(/</g, '&lt;')
+                .replace(/>/g, '&gt;')
+                .replace(/"/g, '&quot;');
         },
         onSearchStart: function(params) {
             var that = $(this);
author	Byron Jones <glob@mozilla.com>	2015-05-12 05:20:37 +0200
committer	Byron Jones <glob@mozilla.com>	2015-05-12 05:20:37 +0200
commit	7f3cc6428c61dde8afbbe4ba6f7a50728af2449a (patch)
tree	d8005ca6e6d6aee8cf35e95a137497a216d4c909 /js
parent	bd41649cf11a5bd06ba07ac46ed5795f2adb1978 (diff)
download	bugzilla-7f3cc6428c61dde8afbbe4ba6f7a50728af2449a.tar.gz bugzilla-7f3cc6428c61dde8afbbe4ba6f7a50728af2449a.tar.xz