diff options
author | lpsolit%gmail.com <> | 2006-10-15 05:26:50 +0200 |
---|---|---|
committer | lpsolit%gmail.com <> | 2006-10-15 05:26:50 +0200 |
commit | b1ef63e5bfc0d3995245b42154686db1400b2c22 (patch) | |
tree | 0db4955b3303c2e5565d6e97e8fac62c63147117 /template/en/default/admin/groups | |
parent | 40aae68e1263b9677285473a9205cef378b451c0 (diff) | |
download | bugzilla-b1ef63e5bfc0d3995245b42154686db1400b2c22.tar.gz bugzilla-b1ef63e5bfc0d3995245b42154686db1400b2c22.tar.xz |
Bug 206037: [SECURITY] Fix escaping/quoting in edit*.cgi scripts - Patch by Frédéric Buclin <LpSolit@gmail.com> r=justdave a=justdave
Diffstat (limited to 'template/en/default/admin/groups')
-rw-r--r-- | template/en/default/admin/groups/delete.html.tmpl | 2 | ||||
-rw-r--r-- | template/en/default/admin/groups/edit.html.tmpl | 2 | ||||
-rw-r--r-- | template/en/default/admin/groups/list.html.tmpl | 1 |
3 files changed, 3 insertions, 2 deletions
diff --git a/template/en/default/admin/groups/delete.html.tmpl b/template/en/default/admin/groups/delete.html.tmpl index d0c50f69a..f5aa7a9b4 100644 --- a/template/en/default/admin/groups/delete.html.tmpl +++ b/template/en/default/admin/groups/delete.html.tmpl @@ -48,7 +48,7 @@ <tr> <td>[% gid FILTER html %]</td> <td>[% name FILTER html %]</td> - <td>[% description FILTER html %]</td> + <td>[% description FILTER html_light %]</td> </tr> </table> diff --git a/template/en/default/admin/groups/edit.html.tmpl b/template/en/default/admin/groups/edit.html.tmpl index 51aba7ffe..a66e78fde 100644 --- a/template/en/default/admin/groups/edit.html.tmpl +++ b/template/en/default/admin/groups/edit.html.tmpl @@ -165,7 +165,7 @@ [% group.grpnam FILTER html %] </a> </td> - <td align="left" class="groupdesc">[% group.grpdesc FILTER html %]</td> + <td align="left" class="groupdesc">[% group.grpdesc FILTER html_light %]</td> </tr> [% END %] </table> diff --git a/template/en/default/admin/groups/list.html.tmpl b/template/en/default/admin/groups/list.html.tmpl index fe32bc53d..ef2c7486b 100644 --- a/template/en/default/admin/groups/list.html.tmpl +++ b/template/en/default/admin/groups/list.html.tmpl @@ -47,6 +47,7 @@ } {name => 'description' heading => 'Description' + allow_html_content => 1 } {name => 'userregexp' heading => 'User RegExp' |