From b1ef63e5bfc0d3995245b42154686db1400b2c22 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Sun, 15 Oct 2006 03:26:50 +0000
Subject: Bug 206037: [SECURITY] Fix escaping/quoting in edit*.cgi scripts -
 Patch by Frédéric Buclin <LpSolit@gmail.com> r=justdave a=justdave
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../en/default/account/prefs/permissions.html.tmpl |  8 ++--
 .../en/default/account/prefs/settings.html.tmpl    |  8 ++--
 .../en/default/admin/classifications/del.html.tmpl |  2 +-
 .../default/admin/classifications/edit.html.tmpl   |  2 +-
 .../admin/classifications/reclassify.html.tmpl     |  2 +-
 .../default/admin/classifications/select.html.tmpl |  2 +-
 .../admin/components/confirm-delete.html.tmpl      |  4 +-
 .../en/default/admin/components/updated.html.tmpl  |  2 +-
 template/en/default/admin/groups/delete.html.tmpl  |  2 +-
 template/en/default/admin/groups/edit.html.tmpl    |  2 +-
 template/en/default/admin/groups/list.html.tmpl    |  1 +
 template/en/default/admin/keywords/list.html.tmpl  |  3 +-
 .../admin/products/confirm-delete.html.tmpl        |  6 +--
 .../default/admin/products/edit-common.html.tmpl   |  2 +-
 template/en/default/admin/products/edit.html.tmpl  |  2 +-
 .../en/default/admin/products/updated.html.tmpl    |  2 +-
 template/en/default/admin/settings/edit.html.tmpl  |  6 +--
 template/en/default/admin/table.html.tmpl          | 16 +++++---
 template/en/default/admin/users/edit.html.tmpl     |  2 +-
 template/en/default/admin/users/list.html.tmpl     | 46 ++++++++++++++--------
 template/en/default/bug/create/create.html.tmpl    |  2 +-
 template/en/default/bug/edit.html.tmpl             |  6 +--
 template/en/default/bug/show-multiple.html.tmpl    |  2 +-
 template/en/default/filterexceptions.pl            | 35 ----------------
 .../default/global/choose-classification.html.tmpl |  2 +-
 .../en/default/global/choose-product.html.tmpl     |  2 +-
 template/en/default/list/edit-multiple.html.tmpl   |  7 +---
 template/en/default/list/list-simple.html.tmpl     |  4 +-
 template/en/default/reports/components.html.tmpl   |  4 +-
 template/en/default/reports/keywords.html.tmpl     |  4 +-
 30 files changed, 84 insertions(+), 104 deletions(-)

(limited to 'template')

diff --git a/template/en/default/account/prefs/permissions.html.tmpl b/template/en/default/account/prefs/permissions.html.tmpl
index dd6e1785b..77dda1ce4 100644
--- a/template/en/default/account/prefs/permissions.html.tmpl
+++ b/template/en/default/account/prefs/permissions.html.tmpl
@@ -42,8 +42,8 @@
         <table align="center">
           [% FOREACH bit_description = has_bits %]
             <tr>
-              <td>[% bit_description.name %]</td>
-              <td>[% bit_description.desc %]</td>
+              <td>[% bit_description.name FILTER html %]</td>
+              <td>[% bit_description.desc FILTER html_light %]</td>
             </tr>
           [% END %]
         </table>
@@ -63,8 +63,8 @@
           <table align="center">
           [% FOREACH bit_description = set_bits %]
             <tr>
-              <td>[% bit_description.name %]</td>
-              <td>[% bit_description.desc %]</td>
+              <td>[% bit_description.name FILTER html %]</td>
+              <td>[% bit_description.desc FILTER html_light %]</td>
             </tr>
           [% END %]
           </table>
diff --git a/template/en/default/account/prefs/settings.html.tmpl b/template/en/default/account/prefs/settings.html.tmpl
index 3ef9a5852..568dac0cb 100644
--- a/template/en/default/account/prefs/settings.html.tmpl
+++ b/template/en/default/account/prefs/settings.html.tmpl
@@ -49,8 +49,8 @@
         </td>
         <td>
           [% IF settings.${name}.is_enabled %]
-            <select name="[% name %]" id="[% name %]">
-              <option value="[% default_name %]"
+            <select name="[% name FILTER html %]" id="[% name FILTER html %]">
+              <option value="[% default_name FILTER html %]"
                 [% ' selected="selected"' IF settings.${name}.is_default %]>
                 Site Default ([% setting_descs.${default_val} OR default_val FILTER html %])
               </option>
@@ -64,8 +64,8 @@
               [% END %]
             </select>
           [% ELSE %]
-            <select name="[% name %]" id="[% name %]" disabled="disabled">
-              <option value="[% default_name %]">
+            <select name="[% name FILTER html %]" id="[% name FILTER html %]" disabled="disabled">
+              <option value="[% default_name FILTER html %]">
                 Site Default ([% setting_descs.${default_val} OR default_val FILTER html %])
               </option>
             </select>
diff --git a/template/en/default/admin/classifications/del.html.tmpl b/template/en/default/admin/classifications/del.html.tmpl
index b450548b7..84c3cb197 100644
--- a/template/en/default/admin/classifications/del.html.tmpl
+++ b/template/en/default/admin/classifications/del.html.tmpl
@@ -36,7 +36,7 @@
   <td valign="top">Description:</td>
   <td valign="top">
     [% IF classification.description %]
-      [% classification.description FILTER none %]
+      [% classification.description FILTER html_light %]
     [% ELSE %]
       <font color="red">description missing</font>
     [% END %]
diff --git a/template/en/default/admin/classifications/edit.html.tmpl b/template/en/default/admin/classifications/edit.html.tmpl
index b1fc482c2..b56a401f4 100644
--- a/template/en/default/admin/classifications/edit.html.tmpl
+++ b/template/en/default/admin/classifications/edit.html.tmpl
@@ -59,7 +59,7 @@
                 <th align=right valign=top>[% product.name FILTER html %]</th>
                 <td valign=top>
                   [% IF product.description %]
-                    [% product.description FILTER none %]
+                    [% product.description FILTER html_light %]
                   [% ELSE %]
                     <font color="red">description missing</font>
                   [% END %]
diff --git a/template/en/default/admin/classifications/reclassify.html.tmpl b/template/en/default/admin/classifications/reclassify.html.tmpl
index d45b88073..0db2fc265 100644
--- a/template/en/default/admin/classifications/reclassify.html.tmpl
+++ b/template/en/default/admin/classifications/reclassify.html.tmpl
@@ -33,7 +33,7 @@
       <td valign="top">Description:</td>
       <td valign="top" colspan=3>
         [% IF classification.description %]
-          [% classification.description FILTER none %]
+          [% classification.description FILTER html_light %]
         [% ELSE %]
           <font color="red">description missing</font>
         [% END %]
diff --git a/template/en/default/admin/classifications/select.html.tmpl b/template/en/default/admin/classifications/select.html.tmpl
index eaa2149f0..fd3aaf45d 100644
--- a/template/en/default/admin/classifications/select.html.tmpl
+++ b/template/en/default/admin/classifications/select.html.tmpl
@@ -37,7 +37,7 @@
       <td valign="top"><a href="editclassifications.cgi?action=edit&amp;classification=[% cl.name FILTER url_quote %]"><b>[% cl.name FILTER html %]</b></a></td>
       <td valign="top"> 
       [% IF cl.description %]
-        [% cl.description %]
+        [% cl.description FILTER html_light %]
       [% ELSE %]
         <font color="red">none</font>
       [% END %]
diff --git a/template/en/default/admin/components/confirm-delete.html.tmpl b/template/en/default/admin/components/confirm-delete.html.tmpl
index 4c94813fd..e7e00636e 100644
--- a/template/en/default/admin/components/confirm-delete.html.tmpl
+++ b/template/en/default/admin/components/confirm-delete.html.tmpl
@@ -44,7 +44,7 @@
 </tr>
 <tr>
   <td valign="top">Component Description:</td>
-  <td valign="top">[% comp.description FILTER html %]</td>
+  <td valign="top">[% comp.description FILTER html_light %]</td>
 </tr>
 <tr>
   <td valign="top">Default assignee:</td>
@@ -66,7 +66,7 @@
 </tr>
 <tr>
   <td valign="top">Product Description:</td>
-  <td valign="top">[% product.description FILTER html %]</td>
+  <td valign="top">[% product.description FILTER html_light %]</td>
 [% END %]
 
 [% IF Param('usetargetmilestone') %]
diff --git a/template/en/default/admin/components/updated.html.tmpl b/template/en/default/admin/components/updated.html.tmpl
index a6f2c8b9d..a4cbfdf5b 100644
--- a/template/en/default/admin/components/updated.html.tmpl
+++ b/template/en/default/admin/components/updated.html.tmpl
@@ -56,7 +56,7 @@
   <table>
     <tr>
       <td>Updated description to:</td>
-      <td>'[% comp.description FILTER html %]'</td>
+      <td>'[% comp.description FILTER html_light %]'</td>
     </tr>
   </table>
 [% END %]
diff --git a/template/en/default/admin/groups/delete.html.tmpl b/template/en/default/admin/groups/delete.html.tmpl
index d0c50f69a..f5aa7a9b4 100644
--- a/template/en/default/admin/groups/delete.html.tmpl
+++ b/template/en/default/admin/groups/delete.html.tmpl
@@ -48,7 +48,7 @@
   <tr>
     <td>[% gid FILTER html %]</td>
     <td>[% name FILTER html %]</td>
-    <td>[% description FILTER html %]</td>
+    <td>[% description FILTER html_light %]</td>
   </tr>
 </table>
 
diff --git a/template/en/default/admin/groups/edit.html.tmpl b/template/en/default/admin/groups/edit.html.tmpl
index 51aba7ffe..a66e78fde 100644
--- a/template/en/default/admin/groups/edit.html.tmpl
+++ b/template/en/default/admin/groups/edit.html.tmpl
@@ -165,7 +165,7 @@
             [% group.grpnam FILTER html %]
           </a>
         </td>
-        <td align="left" class="groupdesc">[% group.grpdesc FILTER html %]</td>
+        <td align="left" class="groupdesc">[% group.grpdesc FILTER html_light %]</td>
       </tr>
     [% END %]
   </table>
diff --git a/template/en/default/admin/groups/list.html.tmpl b/template/en/default/admin/groups/list.html.tmpl
index fe32bc53d..ef2c7486b 100644
--- a/template/en/default/admin/groups/list.html.tmpl
+++ b/template/en/default/admin/groups/list.html.tmpl
@@ -47,6 +47,7 @@
    }
    {name               => 'description'
     heading            => 'Description'
+    allow_html_content => 1
    }
    {name               => 'userregexp'
     heading            => 'User RegExp'
diff --git a/template/en/default/admin/keywords/list.html.tmpl b/template/en/default/admin/keywords/list.html.tmpl
index 999538561..1ffa0f27d 100755
--- a/template/en/default/admin/keywords/list.html.tmpl
+++ b/template/en/default/admin/keywords/list.html.tmpl
@@ -43,7 +43,8 @@
      },
      { 
        name => "description"
-       heading => "Description" 
+       heading => "Description"
+       allow_html_content => 1
      },
      { 
        name => "bug_count"
diff --git a/template/en/default/admin/products/confirm-delete.html.tmpl b/template/en/default/admin/products/confirm-delete.html.tmpl
index e59dd8707..75aeb623a 100644
--- a/template/en/default/admin/products/confirm-delete.html.tmpl
+++ b/template/en/default/admin/products/confirm-delete.html.tmpl
@@ -56,7 +56,7 @@
       [%# descriptions are intentionally not filtered to allow html content %]
       <td>
         [% IF classification.description %]
-          [% classification.description FILTER none %]
+          [% classification.description FILTER html_light %]
         [% ELSE %]
           <span style="color: red">missing</span>
         [% END %]
@@ -78,7 +78,7 @@
     [%# descriptions are intentionally not filtered to allow html content %]
     <td valign="top">
       [% IF product.description %]
-        [% product.description FILTER none %]
+        [% product.description FILTER html_light %]
       [% ELSE %]
         <span style="color: red">missing</span>
       [% END %]
@@ -132,7 +132,7 @@
               [%# descriptions are intentionally not filtered to allow html content %]
               <td>
                 [% IF c.description %]
-                  [% c.description FILTER none %]
+                  [% c.description FILTER html_light %]
                 [% ELSE %]
                   <span style="color: red">missing</span>
                 [% END %]
diff --git a/template/en/default/admin/products/edit-common.html.tmpl b/template/en/default/admin/products/edit-common.html.tmpl
index e3edadc9c..afa15d73c 100644
--- a/template/en/default/admin/products/edit-common.html.tmpl
+++ b/template/en/default/admin/products/edit-common.html.tmpl
@@ -40,7 +40,7 @@
 <tr>
   <th align="right">Description:</th>
   <td><textarea rows="4" cols="64" wrap="virtual" name="description">
-        [% product.description FILTER none %]</textarea>
+        [% product.description FILTER html %]</textarea>
   </td>
 </tr>
 
diff --git a/template/en/default/admin/products/edit.html.tmpl b/template/en/default/admin/products/edit.html.tmpl
index 4e8cc7b19..105ec6e74 100644
--- a/template/en/default/admin/products/edit.html.tmpl
+++ b/template/en/default/admin/products/edit.html.tmpl
@@ -50,7 +50,7 @@
           [% FOREACH component = product.components %]
             <b>[% component.name FILTER html %]:</b>&nbsp;
             [% IF component.description %]
-              [% component.description FILTER none %]
+              [% component.description FILTER html_light %]
             [% ELSE %]
               <font color="red">description missing</font>
             [% END %]
diff --git a/template/en/default/admin/products/updated.html.tmpl b/template/en/default/admin/products/updated.html.tmpl
index e74720fed..8a0790d6e 100644
--- a/template/en/default/admin/products/updated.html.tmpl
+++ b/template/en/default/admin/products/updated.html.tmpl
@@ -75,7 +75,7 @@
   <p>
     Updated description to:</p>
   </p>
-  <p style="margin: 1em 3em 1em 3em">[% product.description FILTER html %]</p>
+  <p style="margin: 1em 3em 1em 3em">[% product.description FILTER html_light %]</p>
   [% updated = 1 %]
 [% END %]
 
diff --git a/template/en/default/admin/settings/edit.html.tmpl b/template/en/default/admin/settings/edit.html.tmpl
index 68c8577b0..9ca9226e7 100644
--- a/template/en/default/admin/settings/edit.html.tmpl
+++ b/template/en/default/admin/settings/edit.html.tmpl
@@ -64,7 +64,7 @@ page, and the Default Value will automatically apply to everyone.
               [% setting_descs.$name OR name FILTER html %]
             </td>
             <td>
-              <select name="[% name %]" id="[% name %]">
+              <select name="[% name FILTER html %]" id="[% name FILTER html %]">
                 [% FOREACH x = settings.${name}.legal_values %]
                     <option value="[% x FILTER html %]"
                       [% " selected=\"selected\"" IF x == settings.${name}.default_value %]>
@@ -75,8 +75,8 @@ page, and the Default Value will automatically apply to everyone.
             </td>
             <td align="center">
               <input type="checkbox"
-                name="[% checkbox_name %]"
-                id="[% checkbox_name %]"
+                name="[% checkbox_name FILTER html %]"
+                id="[% checkbox_name FILTER html %]"
                 [% " checked=\"checked\"" IF settings.${name}.is_enabled %]>
               <br>
             </td>
diff --git a/template/en/default/admin/table.html.tmpl b/template/en/default/admin/table.html.tmpl
index 29108fd6c..d13dceb66 100644
--- a/template/en/default/admin/table.html.tmpl
+++ b/template/en/default/admin/table.html.tmpl
@@ -32,7 +32,7 @@
   #                  with the key xxx in data hash of the current row.
   #     content: If specified, the content of this variable is used
   #              instead of the data pulled from the current row. 
-  #              NOTE: This value is not HTML filtered at output!
+  #              NOTE: This value is only partially HTML filtered!
   #     content_use_field: If defined and true, then each value in the 
   #                        column corresponds with a key in the
   #                        field_descs field, and that value from the 
@@ -41,8 +41,8 @@
   #                        This content WILL be HTML-filtered in this case.
   #     align: left/center/right. Controls the horizontal alignment of the
   #            text in the column.
-  #     allow_html_content: if defined, then this column allows html content
-  #                         so it will not be filtered 
+  #     allow_html_content: if defined, then this column allows some html content
+  #                         and so it will be only partially filtered.
   #     yesno_field: Turn the data from 0/!0 into Yes/No
   #
   # data:
@@ -94,6 +94,7 @@
          content = c.content
          content_use_field = c.content_use_field
          align = c.align
+         class = c.class
          allow_html_content = c.allow_html_content
          yesno_field = c.yesno_field
        %]
@@ -112,6 +113,8 @@
              IF override.override_content_use_field %]
           [% SET align = override.align
              IF override.override_align %]
+          [% SET class = override.class
+             IF override.override_class %]
           [% SET allow_html_content = override.allow_html_content
              IF override.override_allow_html_content %]
           [% SET yesno_field = override.yesno_field
@@ -122,7 +125,8 @@
         [% END %]
       [% END %]
 
-      <td [% IF align %] align="[% align FILTER html %]" [% END %]>
+      <td [% IF align %] align="[% align FILTER html %]" [% END %]
+          [% IF class %] class="[% class FILTER html %]" [% END %]>
 
         [% IF contentlink %]
           [% link_uri = contentlink %]
@@ -143,7 +147,7 @@
            [% colname = row.${c.name} %]
            [% field_descs.${colname} FILTER html %]
         [% ELSIF content %]
-            [% content FILTER none %]
+            [% content FILTER html_light %]
         [% ELSE %]
           [% IF yesno_field %]
             [% IF row.${c.name} %]
@@ -153,7 +157,7 @@
             [% END %]
           [% ELSE %]
             [% IF allow_html_content %]
-              [% row.${c.name} FILTER none %]
+              [% row.${c.name} FILTER html_light %]
             [% ELSE %]
               [% row.${c.name} FILTER html %]
             [% END %]
diff --git a/template/en/default/admin/users/edit.html.tmpl b/template/en/default/admin/users/edit.html.tmpl
index f92492472..c35bb691f 100644
--- a/template/en/default/admin/users/edit.html.tmpl
+++ b/template/en/default/admin/users/edit.html.tmpl
@@ -89,7 +89,7 @@
               <td class="groupname">
                 <label for="group_[% group.id %]">
                   <strong>[% group.name FILTER html %]:</strong>
-                  [%+ group.description FILTER html %]
+                  [%+ group.description FILTER html_light %]
                 </label>
               </td>
             </tr>
diff --git a/template/en/default/admin/users/list.html.tmpl b/template/en/default/admin/users/list.html.tmpl
index 4b483e33d..41c5016f8 100644
--- a/template/en/default/admin/users/list.html.tmpl
+++ b/template/en/default/admin/users/list.html.tmpl
@@ -38,11 +38,9 @@
     heading            => 'Edit user...'
     contentlink        => 'editusers.cgi?action=edit&amp;userid=%%userid%%' _
                           listselectionurlparams
-    allow_html_content => 1
    }
    {name               => 'realname'
     heading            => 'Real name'
-    allow_html_content => 1
    }
    {heading            => 'User Account Log'
     content            => 'View'
@@ -64,23 +62,38 @@
   %]
 [% END %]
 
+[%# Disabled users are crossed out. Missing realnames are noticed in red. %]
+[% overrides.login_name = [] %]
+[% overrides.realname = [] %]
+
 [% FOREACH thisuser = users %]
-  [%# We FILTER html here because we need admin/table.html.tmpl to accept HTML
-    # for styling, so we cannot let admin/table.html.tmpl do the FILTER.
-    #%]
-  [% thisuser.login_name = BLOCK %]
-    [% thisuser.login_name FILTER html %]
-  [% END %]
-  [% IF thisuser.realname %]
-    [% thisuser.realname = BLOCK %]
-      [% thisuser.realname FILTER html %]
-    [% END %]
-  [% ELSE %]
-    [% SET thisuser.realname = '<span style="color: red">missing</span>' %]
+  [% IF !thisuser.realname %]
+    [%# We cannot pass one class now and one class later. %]
+    [% SET classes = (thisuser.disabledtext ? "bz_inactive missing" : "missing") %]
+    [% overrides.realname.push({
+        match_value      => "$thisuser.login_name"
+        match_field      => 'login_name'
+        content          => "missing"
+        override_content => 1
+        class            => "$classes"
+        override_class   => 1 })
+    %]
   [% END %]
+
   [% IF thisuser.disabledtext %]
-    [% thisuser.login_name = "<span class=\"bz_inactive\">$thisuser.login_name</span>" %]
-    [% thisuser.realname = "<span class=\"bz_inactive\">$thisuser.realname</span>" %]
+    [% overrides.login_name.push({
+        match_value    => "$thisuser.login_name"
+        match_field    => 'login_name'
+        class          => "bz_inactive"
+        override_class => 1 })
+    %]
+
+    [% overrides.realname.push({
+        match_value    => "$thisuser.login_name"
+        match_field    => 'login_name'
+        class          => "bz_inactive"
+        override_class => 1 })
+    %]
   [% END %]
 [% END %]
 
@@ -89,6 +102,7 @@
 [% PROCESS admin/table.html.tmpl
   columns = columns
   data    = users
+  overrides = overrides
 %]
 
 <p>
diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl
index eb3aea2e4..812abb075 100644
--- a/template/en/default/bug/create/create.html.tmpl
+++ b/template/en/default/bug/create/create.html.tmpl
@@ -526,7 +526,7 @@ function handleWantsAttachment(wants_attachment) {
         <input type="checkbox" id="bit-[% g.bit %]"
           name="bit-[% g.bit %]" value="1"
           [% " checked=\"checked\"" IF g.checked %]>
-          <label for="bit-[% g.bit %]">[% g.description %]</label><br>
+          <label for="bit-[% g.bit %]">[% g.description FILTER html_light %]</label><br>
       [% END %]
       <br>
     [% END %]
diff --git a/template/en/default/bug/edit.html.tmpl b/template/en/default/bug/edit.html.tmpl
index c93d08c2b..12fcb05c8 100644
--- a/template/en/default/bug/edit.html.tmpl
+++ b/template/en/default/bug/edit.html.tmpl
@@ -198,7 +198,7 @@
             <td>
               [% get_resolution(bug.resolution) FILTER html %]
               [% IF bug.resolution == "DUPLICATE" %]
-                of [% terms.bug %] [%+ "${bug.dup_id}" FILTER bug_link(bug.dup_id) %]
+                of [% terms.bug %] [%+ "${bug.dup_id}" FILTER bug_link(bug.dup_id) FILTER none %]
               [% END %]
             </td>
           </tr>
@@ -619,7 +619,7 @@
              name="bit-[% group.bit %]" id="bit-[% group.bit %]"
              [% " checked=\"checked\"" IF group.ison %]
              [% " disabled=\"disabled\"" IF NOT group.ingroup %]>
-      <label for="bit-[% group.bit %]">[% group.description %]</label>
+      <label for="bit-[% group.bit %]">[% group.description FILTER html_light %]</label>
       <br>
       [% END %]
     [% END %]
@@ -683,7 +683,7 @@
   </th>
   <td>
   [% FOREACH depbug = bug.${dep.fieldname} %]
-    [% depbug FILTER bug_link(depbug) %][% " " %]
+    [% depbug FILTER bug_link(depbug) FILTER none %][% " " %]
   [% END %]
   </td>
   <td>
diff --git a/template/en/default/bug/show-multiple.html.tmpl b/template/en/default/bug/show-multiple.html.tmpl
index 2ebb3a21a..e3d38c022 100644
--- a/template/en/default/bug/show-multiple.html.tmpl
+++ b/template/en/default/bug/show-multiple.html.tmpl
@@ -303,7 +303,7 @@
     <th>[% terms.Bug %] [%+ field_descs.${name} FILTER html %]:</th>
     <td>
       [% FOREACH depbug = bug.${name} %]
-        [% depbug FILTER bug_link(depbug) %][% ", " IF not loop.last() %]
+        [% depbug FILTER bug_link(depbug) FILTER none %][% ", " IF not loop.last() %]
       [% END %]
     </td>
 
diff --git a/template/en/default/filterexceptions.pl b/template/en/default/filterexceptions.pl
index 70a4d28d0..c03704e72 100644
--- a/template/en/default/filterexceptions.pl
+++ b/template/en/default/filterexceptions.pl
@@ -112,7 +112,6 @@
 ],
 
 'reports/keywords.html.tmpl' => [
-  'keyword.description', 
   'keyword.bug_count', 
 ],
 
@@ -189,16 +188,10 @@
 
 'list/edit-multiple.html.tmpl' => [
   'group.id', 
-  'group.description',
-  'group.description FILTER inactive', 
   'knum', 
   'menuname', 
 ],
 
-'list/list-simple.html.tmpl' => [
-  'title', 
-],
-
 'list/list.rdf.tmpl' => [
   'template_version', 
   'bug.bug_id', 
@@ -225,10 +218,6 @@
   'h.html', 
 ],
 
-'global/choose-classification.html.tmpl' => [
-  'class.description', 
-],
-
 'global/choose-product.html.tmpl' => [
   'target',
 ],
@@ -314,13 +303,10 @@
   'bug.bug_id', 
   'bug.votes', 
   'group.bit', 
-  'group.description', 
   'dep.title', 
   'dep.fieldname', 
   'bug.${dep.fieldname}.join(\', \')', 
   'selname',
-  'depbug FILTER bug_link(depbug)',
-  '"${bug.dup_id}" FILTER bug_link(bug.dup_id)',
   '" accesskey=\"$accesskey\"" IF accesskey',
   'inputname',
   '" colspan=\"$colspan\"" IF $colspan',
@@ -342,7 +328,6 @@
 
 'bug/show-multiple.html.tmpl' => [
   'bug.bug_id', 
-  'depbug FILTER bug_link(depbug)',
   'attachment.id', 
   'flag.status',
 ],
@@ -402,7 +387,6 @@
 
 'bug/create/create.html.tmpl' => [
   'g.bit',
-  'g.description',
   'sel.name',
   'sel.description',
   'cloned_bug_id',
@@ -484,10 +468,6 @@
   'link_uri'
 ],
 
-'admin/classifications/select.html.tmpl' => [
-  'cl.description', 
-],
-
 'admin/products/groupcontrol/confirm-edit.html.tmpl' => [
   'group.count', 
 ],
@@ -572,11 +552,6 @@
   'comp.bug_count'
 ],
 
-'admin/settings/edit.html.tmpl' => [
-  'name',
-  'checkbox_name'
-],
-
 'account/login.html.tmpl' => [
   'target', 
 ],
@@ -587,11 +562,6 @@
   'prefname',
 ],
 
-'account/prefs/permissions.html.tmpl' => [
-  'bit_description.name', 
-  'bit_description.desc', 
-],
-
 'account/prefs/prefs.html.tmpl' => [
   'current_tab.label',
   'current_tab.name',
@@ -601,9 +571,4 @@
   'group.id',
 ],
 
-'account/prefs/settings.html.tmpl' => [
-  'name',
-  'default_name'
-],
-
 );
diff --git a/template/en/default/global/choose-classification.html.tmpl b/template/en/default/global/choose-classification.html.tmpl
index 0a14fe44e..df0c37911 100644
--- a/template/en/default/global/choose-classification.html.tmpl
+++ b/template/en/default/global/choose-classification.html.tmpl
@@ -54,7 +54,7 @@
     </th>
 
     [% IF class.description %]
-      <td valign="top">&nbsp;[% class.description %]</td>
+      <td valign="top">&nbsp;[% class.description FILTER html_light %]</td>
     [% END %]
   </tr>
 [% END %]
diff --git a/template/en/default/global/choose-product.html.tmpl b/template/en/default/global/choose-product.html.tmpl
index 346a53751..da47332c2 100644
--- a/template/en/default/global/choose-product.html.tmpl
+++ b/template/en/default/global/choose-product.html.tmpl
@@ -51,7 +51,7 @@
       [% p.name FILTER html %]</a>:&nbsp;
     </th>
 
-    <td valign="top">[% p.description FILTER none %]</td>
+    <td valign="top">[% p.description FILTER html_light %]</td>
   </tr>
 [% END %]
 
diff --git a/template/en/default/list/edit-multiple.html.tmpl b/template/en/default/list/edit-multiple.html.tmpl
index cf57bb651..38e4e930f 100644
--- a/template/en/default/list/edit-multiple.html.tmpl
+++ b/template/en/default/list/edit-multiple.html.tmpl
@@ -256,11 +256,8 @@
       [% END %]
 
       <td>
-        [% IF group.isactive %]
-          [% group.description %]
-        [% ELSE %]
-          [% group.description FILTER inactive %]
-        [% END %]
+        [% SET inactive = !group.isactive %]
+        [% group.description FILTER html_light FILTER inactive(inactive) %]
       </td>
 
     </tr>
diff --git a/template/en/default/list/list-simple.html.tmpl b/template/en/default/list/list-simple.html.tmpl
index 9cdc1bed9..8494baf60 100644
--- a/template/en/default/list/list-simple.html.tmpl
+++ b/template/en/default/list/list-simple.html.tmpl
@@ -30,8 +30,6 @@
 [%############################################################################%]
 
 [% DEFAULT title = "$terms.Bug List" %]
-[% title = title FILTER html %]
-
 
 [%############################################################################%]
 [%# Bug Table                                                                #%]
@@ -40,7 +38,7 @@
 <html>
 
   <head>
-    <title>[% title %]</title>
+    <title>[% title FILTER html %]</title>
     <base href="[% Param("urlbase") %]">
     <link href="skins/standard/buglist.css" rel="stylesheet" type="text/css">
   </head>
diff --git a/template/en/default/reports/components.html.tmpl b/template/en/default/reports/components.html.tmpl
index 1e9065a78..d135a7ef8 100644
--- a/template/en/default/reports/components.html.tmpl
+++ b/template/en/default/reports/components.html.tmpl
@@ -36,7 +36,7 @@
 [% END %]
 
 <p>
-  [% product.description FILTER none %]
+  [% product.description FILTER html_light %]
 </p>
 
 <table>
@@ -87,7 +87,7 @@
   </tr>
   <tr>
     <td colspan="[% numcols - 1 %]">
-      [% comp.description FILTER none %]
+      [% comp.description FILTER html_light %]
     </td>
   </tr>
 [% END %]
diff --git a/template/en/default/reports/keywords.html.tmpl b/template/en/default/reports/keywords.html.tmpl
index 979c50163..1a0ae0bf5 100644
--- a/template/en/default/reports/keywords.html.tmpl
+++ b/template/en/default/reports/keywords.html.tmpl
@@ -24,7 +24,7 @@
   # keywords: array keyword objects. May be empty. Each has has four members:
   #   id: id of the keyword
   #   name: the name of the keyword
-  #   description: keyword description. May be HTML.
+  #   description: keyword description. Can contain some limited HTML code.
   #   bug_count: number of bugs with that keyword
   # caneditkeywords: boolean. True if this user can edit keywords
  %]
@@ -55,7 +55,7 @@
       <a name="[% keyword.name FILTER html %]">
         [% keyword.name FILTER html %]</a>
     </th>
-    <td>[% keyword.description %]</td>
+    <td>[% keyword.description FILTER html_light %]</td>
     <td align="center">
       [% IF keyword.bug_count > 0 %]
         <a href="buglist.cgi?keywords=[% keyword.name FILTER url_quote %]&amp;resolution=---">
-- 
cgit v1.2.3-24-g4f1b