diff options
| author | mkanat%bugzilla.org <> | 2009-01-29 22:22:19 +0100 |
|---|---|---|
| committer | mkanat%bugzilla.org <> | 2009-01-29 22:22:19 +0100 |
| commit | fc293fbd39f14308fbccd0cf9b523664ae813761 (patch) | |
| tree | 2eff5448dfbcf0fb0a0671fad80da0752db8f727 /template/en/default/bug/show.xml.tmpl | |
| parent | 25e6018ac8a6cf1a99b299fe60ce6c5b1e1d61e6 (diff) | |
| download | bugzilla-fc293fbd39f14308fbccd0cf9b523664ae813761.tar.gz bugzilla-fc293fbd39f14308fbccd0cf9b523664ae813761.tar.xz | |
Bug 219021: Only display email addresses to logged-in users
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
Diffstat (limited to 'template/en/default/bug/show.xml.tmpl')
| -rw-r--r-- | template/en/default/bug/show.xml.tmpl | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/template/en/default/bug/show.xml.tmpl b/template/en/default/bug/show.xml.tmpl index 23874d989..f6f3617a0 100644 --- a/template/en/default/bug/show.xml.tmpl +++ b/template/en/default/bug/show.xml.tmpl @@ -25,9 +25,13 @@ <bugzilla version="[% constants.BUGZILLA_VERSION %]" urlbase="[% urlbase FILTER xml %]" + [%# Note that the maintainer's email is not filtered, + # intentionally. Even logged-out users should be able + # to see that, since it will be in error messages anyway. + %] maintainer="[% Param('maintainer') FILTER xml %]" [% IF user.id %] - exporter="[% user.email FILTER xml %]" + exporter="[% user.email FILTER email FILTER xml %]" [% END %] > @@ -58,9 +62,9 @@ <flag name="[% type.name FILTER xml %]" id="[% flag.id FILTER xml %]" status="[% flag.status FILTER xml %]" - setter="[% flag.setter.login FILTER xml %]" + setter="[% flag.setter.login FILTER email FILTER xml %]" [% IF flag.requestee %] - requestee="[% flag.requestee.login FILTER xml %]" + requestee="[% flag.requestee.login FILTER email FILTER xml %]" [% END %] /> [% END %] @@ -69,12 +73,12 @@ [% FOREACH c = bug.longdescs %] [% NEXT IF c.isprivate && !user.in_group(Param("insidergroup")) %] <long_desc isprivate="[% c.isprivate FILTER xml %]"> - <who name="[% c.author.name FILTER xml %]">[% c.author.email FILTER xml %]</who> + <who name="[% c.author.name FILTER xml %]">[% c.author.email FILTER email FILTER xml %]</who> <bug_when>[% c.time FILTER time FILTER xml %]</bug_when> [% IF user.in_group(Param('timetrackinggroup')) && (c.work_time - 0 != 0) %] <work_time>[% PROCESS formattimeunit time_unit = c.work_time FILTER xml %]</work_time> [% END %] - <thetext>[% c.body FILTER xml %]</thetext> + <thetext>[% c.body FILTER email FILTER xml %]</thetext> </long_desc> [% END %] [% END %] @@ -93,7 +97,7 @@ <filename>[% a.filename FILTER xml %]</filename> <type>[% a.contenttype FILTER xml %]</type> <size>[% a.datasize FILTER xml %]</size> - <attacher>[% a.attacher.email FILTER xml %]</attacher> + <attacher>[% a.attacher.email FILTER email FILTER xml %]</attacher> [% IF displayfields.attachmentdata %] <data encoding="base64">[% a.data FILTER base64 %]</data> [% END %] @@ -102,9 +106,9 @@ <flag name="[% flag.type.name FILTER xml %]" id="[% flag.id FILTER xml %]" status="[% flag.status FILTER xml %]" - setter="[% flag.setter.email FILTER xml %]" + setter="[% flag.setter.email FILTER email FILTER xml %]" [% IF flag.status == "?" && flag.requestee %] - requestee="[% flag.requestee.email FILTER xml %]" + requestee="[% flag.requestee.email FILTER email FILTER xml %]" [% END %] /> [% END %] @@ -129,10 +133,13 @@ [% IF field == 'reporter' OR field == 'assigned_to' OR field == 'qa_contact' %] [% name = val.name %] - [% val = val.email %] + [% val = val.email FILTER email %] + [% ELSIF field == 'cc' %] + [% val = val FILTER email %] [% ELSIF field == 'creation_ts' OR field == 'delta_ts' %] [% val = val FILTER time %] [% END %] - <[% field %][% IF name != '' %] name="[% name FILTER xml %]"[% END -%]>[% val FILTER xml %]</[% field %]> + <[% field %][% IF name != '' %] name="[% name FILTER xml %]"[% END -%]> + [%- val FILTER xml %]</[% field %]> [% END %] [% END %] |