diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2012-01-06 00:50:05 +0100 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-01-06 00:50:05 +0100 |
commit | f2b9d48c8189f0ea68da1d8d1d73d5b1904b2b25 (patch) | |
tree | 72b001c65b070ad48c1d4e615d665ce73ba72cbe /template/en/default/global | |
parent | 9dbc12f52fbcbc7e48a8b7cbe45302bd36d256d3 (diff) | |
download | bugzilla-f2b9d48c8189f0ea68da1d8d1d73d5b1904b2b25.tar.gz bugzilla-f2b9d48c8189f0ea68da1d8d1d73d5b1904b2b25.tar.xz |
Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when displayed to the user
r=dkl a=LpSolit
Diffstat (limited to 'template/en/default/global')
-rw-r--r-- | template/en/default/global/code-error.html.tmpl | 2 | ||||
-rw-r--r-- | template/en/default/global/user-error.html.tmpl | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl index ed3bcce02..e2cec5d91 100644 --- a/template/en/default/global/code-error.html.tmpl +++ b/template/en/default/global/code-error.html.tmpl @@ -46,7 +46,7 @@ A legal address must contain exactly one '@', and at least one '.' after the @. [% ELSE %] - [%+ Param('emailregexpdesc') %] + [%+ Param('emailregexpdesc') FILTER html_light %] [% END %] It must also not contain any of these special characters: <tt>\ ( ) & < > , ; : " [ ]</tt>, or any whitespace. diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index 89926bfd5..57374a566 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -852,7 +852,7 @@ A legal address must contain exactly one '@', and at least one '.' after the @. [% ELSE %] - [%+ Param('emailregexpdesc') %] + [%+ Param('emailregexpdesc') FILTER html_light %] [% END %] It must also not contain any of these special characters: <tt>\ ( ) & < > , ; : " [ ]</tt>, or any whitespace. |