Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/Util.pm | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index fd0f8b92e..4371441a0 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -65,17 +65,20 @@ sub detaint_signed {
 return (defined($_[0]));
 }
+my %html_quote = (
+ q{&} => '&',
+ q{<} => '<',
+ q{>} => '>',
+ q{"} => '"',
+ q{@} => '@', # Obscure '@'.
+);
+
 # Bug 120030: Override html filter to obscure the '@' in user
 # visible strings.
 # Bug 319331: Handle BiDi disruptions.
 sub html_quote {
 my $var = shift;
- $var =~ s/&/&/g;
- $var =~ s/</</g;
- $var =~ s/>/>/g;
- $var =~ s/"/"/g;
- # Obscure '@'.
- $var =~ s/\@/\@/g;
+ $var =~ s/([&<>"@])/$html_quote{$1}/g;
 state $use_utf8 = Bugzilla->params->{'utf8'}; |
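Review bot: The table-driven substitution in `html_quote` keeps the old escape set (`&`, `<`, `>`, `"`, `@`), so a single quote still passes through unescaped, and nothing next to the new table says so. A comment above `%html_quote` such as `# "'" is not escaped: output is only safe in element content and double-quoted attribute values.` would stop template authors from relying on the filter inside single-quoted attributes. The character class in `s/([&<>"@])/$html_quote{$1}/g` and the hash keys are also maintained separately, and a character added to the class without a matching hash entry would be replaced by an empty string (with only a warning), so a short `# keep in sync with %html_quote` on the substitution line is worth adding. The body of `html_quote` continues past the end of this hunk.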