From b9793ff0f4ad8d2ec4b26a8216e0484d5accf79f Mon Sep 17 00:00:00 2001
From: Byron Jones <glob@mozilla.com>
Date: Wed, 2 Apr 2014 22:21:12 +0800
Subject: Bug 987940: arbitrary product name (text) injection in guided
 workflow

---
 extensions/GuidedBugEntry/web/js/guided.js | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'extensions/GuidedBugEntry')

diff --git a/extensions/GuidedBugEntry/web/js/guided.js b/extensions/GuidedBugEntry/web/js/guided.js
index 5cb2839d2..b28c59d77 100644
--- a/extensions/GuidedBugEntry/web/js/guided.js
+++ b/extensions/GuidedBugEntry/web/js/guided.js
@@ -212,6 +212,8 @@ var product = {
             data = YAHOO.lang.JSON.parse(res.responseText);
             if (data.error)
               throw(data.error.message);
+            if (data.result.products.length == 0)
+              document.location.href = 'enter_bug.cgi?format=guided';
             product.details = data.result.products[0];
             bugForm.onProductUpdated();
           } catch (err) {
-- 
cgit v1.2.3-24-g4f1b