diff options
| author | lpsolit%gmail.com <> | 2006-10-15 05:26:50 +0200 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2006-10-15 05:26:50 +0200 |
| commit | b1ef63e5bfc0d3995245b42154686db1400b2c22 (patch) | |
| tree | 0db4955b3303c2e5565d6e97e8fac62c63147117 /template/en/default/account/prefs/permissions.html.tmpl | |
| parent | 40aae68e1263b9677285473a9205cef378b451c0 (diff) | |
| download | bugzilla-b1ef63e5bfc0d3995245b42154686db1400b2c22.tar.gz bugzilla-b1ef63e5bfc0d3995245b42154686db1400b2c22.tar.xz | |
Bug 206037: [SECURITY] Fix escaping/quoting in edit*.cgi scripts - Patch by Frédéric Buclin <LpSolit@gmail.com> r=justdave a=justdave
Diffstat (limited to 'template/en/default/account/prefs/permissions.html.tmpl')
| -rw-r--r-- | template/en/default/account/prefs/permissions.html.tmpl | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/template/en/default/account/prefs/permissions.html.tmpl b/template/en/default/account/prefs/permissions.html.tmpl index dd6e1785b..77dda1ce4 100644 --- a/template/en/default/account/prefs/permissions.html.tmpl +++ b/template/en/default/account/prefs/permissions.html.tmpl @@ -42,8 +42,8 @@ <table align="center"> [% FOREACH bit_description = has_bits %] <tr> - <td>[% bit_description.name %]</td> - <td>[% bit_description.desc %]</td> + <td>[% bit_description.name FILTER html %]</td> + <td>[% bit_description.desc FILTER html_light %]</td> </tr> [% END %] </table> @@ -63,8 +63,8 @@ <table align="center"> [% FOREACH bit_description = set_bits %] <tr> - <td>[% bit_description.name %]</td> - <td>[% bit_description.desc %]</td> + <td>[% bit_description.name FILTER html %]</td> + <td>[% bit_description.desc FILTER html_light %]</td> </tr> [% END %] </table> |