From c793bb323f1c58c1fe3e82b09068e88c380f5c21 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Wed, 3 Nov 2010 00:06:15 +0100
Subject: Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project
 specific, and product names are viewable in graphs/ r=wurblzap a=LpSolit

---
 template/en/default/global/user-error.html.tmpl  | 2 +-
 template/en/default/reports/old-charts.html.tmpl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'template')

diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index a734435a1..5aa8955fd 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -907,7 +907,7 @@
 
   [% ELSIF error == "invalid_datasets" %]
     [% title = "Invalid Datasets" %]
-    Invalid datasets <em>[% datasets FILTER html %]</em>. Only digits,
+    Invalid datasets <em>[% datasets.join(":") FILTER html %]</em>. Only digits,
     letters and colons are allowed.
 
   [% ELSIF error == "invalid_format" %]
diff --git a/template/en/default/reports/old-charts.html.tmpl b/template/en/default/reports/old-charts.html.tmpl
index ca3ba6c7d..4bdc0cffa 100644
--- a/template/en/default/reports/old-charts.html.tmpl
+++ b/template/en/default/reports/old-charts.html.tmpl
@@ -51,7 +51,7 @@
               [%# We cannot use translated statuses and resolutions from field-descs.none.html
                 # because old charts do not distinguish statuses from resolutions. %]
               [% FOREACH dataset = datasets %]
-                <option value="[% dataset.value FILTER html %]:"
+                <option value="[% dataset.value FILTER html %]"
                   [% " selected=\"selected\"" IF dataset.selected %]>
                   [% dataset.value FILTER html %]</option>
               [% END %]
-- 
cgit v1.2.3-24-g4f1b