From 0ca55bd31d48436feabd6ad474eb2900c937e768 Mon Sep 17 00:00:00 2001
From: "justdave%syndicomm.com" <>
Date: Thu, 18 Sep 2003 05:12:56 +0000
Subject: Bug 219216: Javascript improperly using FILTER html instead of FILTER
 js causing data with @ produced by javascript to show up as &#64; r=timeless,
 a=justdave

---
 Bugzilla/Template.pm                            | 1 +
 template/en/default/bug/create/create.html.tmpl | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index f3e3685f7..f9342e11f 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -194,6 +194,7 @@ sub create {
                 $var =~ s/([\\\'\"])/\\$1/g;
                 $var =~ s/\n/\\n/g;
                 $var =~ s/\r/\\r/g;
+                $var =~ s/\@/\\x40/g; # anti-spam for email addresses
                 return $var;
             },
 
diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl
index b15efffac..507324bf7 100644
--- a/template/en/default/bug/create/create.html.tmpl
+++ b/template/en/default/bug/create/create.html.tmpl
@@ -33,8 +33,8 @@ var default_owners = new Array([% component_.size %]);
 var components = new Array([% component_.size %]);
 [% count = 0 %]
 [%- FOREACH c = component_ %]
-    components[[% count %]] = "[% c.name FILTER html %]";
-    default_owners[[% count %]] = "[% c.default_login FILTER html %]";
+    components[[% count %]] = "[% c.name FILTER js %]";
+    default_owners[[% count %]] = "[% c.default_login FILTER js %]";
     [% count = count + 1 %]
 [%- END %]
 var last_default_owner;
-- 
cgit v1.2.3-24-g4f1b