summaryrefslogtreecommitdiffstats
path: root/template/en/default/global
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2012-01-06 00:50:05 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2012-01-06 00:50:05 +0100
commitf2b9d48c8189f0ea68da1d8d1d73d5b1904b2b25 (patch)
tree72b001c65b070ad48c1d4e615d665ce73ba72cbe /template/en/default/global
parent9dbc12f52fbcbc7e48a8b7cbe45302bd36d256d3 (diff)
downloadbugzilla-f2b9d48c8189f0ea68da1d8d1d73d5b1904b2b25.tar.gz
bugzilla-f2b9d48c8189f0ea68da1d8d1d73d5b1904b2b25.tar.xz
Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when displayed to the user
r=dkl a=LpSolit
Diffstat (limited to 'template/en/default/global')
-rw-r--r--template/en/default/global/code-error.html.tmpl2
-rw-r--r--template/en/default/global/user-error.html.tmpl2
2 files changed, 2 insertions, 2 deletions
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index ed3bcce02..e2cec5d91 100644
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -46,7 +46,7 @@
A legal address must contain exactly one '@',
and at least one '.' after the @.
[% ELSE %]
- [%+ Param('emailregexpdesc') %]
+ [%+ Param('emailregexpdesc') FILTER html_light %]
[% END %]
It must also not contain any of these special characters:
<tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace.
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 89926bfd5..57374a566 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -852,7 +852,7 @@
A legal address must contain exactly one '@',
and at least one '.' after the @.
[% ELSE %]
- [%+ Param('emailregexpdesc') %]
+ [%+ Param('emailregexpdesc') FILTER html_light %]
[% END %]
It must also not contain any of these special characters:
<tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace.