summaryrefslogtreecommitdiffstats
path: root/template/en/default/list
diff options
context:
space:
mode:
authorgerv%gerv.net <>2003-09-07 04:23:09 +0200
committergerv%gerv.net <>2003-09-07 04:23:09 +0200
commit026539311662235ea26f5f3cfe885322846db6fb (patch)
tree97ded73af263f79157ec928cc0fc56c82e8b9334 /template/en/default/list
parent94266c521b3e388b41f3dd6f74948a9ec71997d5 (diff)
downloadbugzilla-026539311662235ea26f5f3cfe885322846db6fb.tar.gz
bugzilla-026539311662235ea26f5f3cfe885322846db6fb.tar.xz
Bug 207044 - Filter more template directives. None of these are security bugs, but they need fixing anyway. Patch by gerv; r,a=justdave.
Diffstat (limited to 'template/en/default/list')
-rw-r--r--template/en/default/list/change-columns.html.tmpl4
-rw-r--r--template/en/default/list/list.html.tmpl4
2 files changed, 6 insertions, 2 deletions
diff --git a/template/en/default/list/change-columns.html.tmpl b/template/en/default/list/change-columns.html.tmpl
index 61ff34dd7..d49a152c8 100644
--- a/template/en/default/list/change-columns.html.tmpl
+++ b/template/en/default/list/change-columns.html.tmpl
@@ -42,7 +42,9 @@
[% FOREACH column = masterlist %]
<input type="checkbox" id="[% column %]" name="column_[% column %]"
[% "checked='checked'" IF lsearch(collist, column) != -1 %]>
- <label for="[% column %]">[% field_descs.${column} || column %]</label>
+ <label for="[% column %]">
+ [% (field_descs.${column} || column) FILTER html %]
+ </label>
<br>
[% END %]
diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl
index f02d92904..a61bdef98 100644
--- a/template/en/default/list/list.html.tmpl
+++ b/template/en/default/list/list.html.tmpl
@@ -149,7 +149,9 @@
[% END %]
[% IF bugowners %]
- <a href="mailto:[% bugowners %]">Send Mail to [% terms.Bug %] Owners</a> &nbsp;&nbsp;
+ <a href="mailto:[% bugowners FILTER html %]">Send
+ Mail to [% terms.Bug %] Owners</a>
+ &nbsp;&nbsp;
[% END %]
<a href="query.cgi?