authorDylan Hardison <dylan@mozilla.com>2015-12-22 13:34:38 -0500
committerDylan Hardison <dylan@mozilla.com>2015-12-22 13:36:56 -0500
commita11853423e25a7aca01237343fdf61ab1d819a9f (patch)
tree4b93af0bd5e3333ea50c5979a09c0c6de660f3d1 /Bugzilla
parentdc076edefa70576ee6de4511311a1926a56b79fa (diff)
Bug 1232785 - [SECURITY] Buglists in CSV format can be parsed as valid javascript in some browsers
r=dkl,a=dkl
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Template.pm3
1 files changed, 3 insertions, 0 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 80f091f8c..ce027171b 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -871,6 +871,9 @@ sub create {
{
my ($var) = @_;
$var = ' ' . $var if substr($var, 0, 1) eq '=';
+ # backslash is not special to CSV, but it can be used to confuse some browsers...
+ # so we do not allow it to happen. We only do this for logged-in users.
+ $var =~ s/\\/\x{FF3C}/g if Bugzilla->user->id;
$var =~ s/\"/\"\"/g;
if ($var !~ /^-?(\d+\.)?\d*$/) {
$var = "\"$var\"";
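Review bot: The `if Bugzilla->user->id` condition on the new substitution is the security-relevant part of this hunk, and the comment above it says only that the filter is restricted to logged-in users, not why; I would extend it with something like `# Anonymous exports contain only public data, so only authenticated responses need protection against being loaded as a cross-site script.` (the rationale is inferred from the bug title, not shown in the hunk, so confirm before committing the wording). The comment should also name the replacement character rather than leaving the reader to decode the escape: `# replace with U+FF3C FULLWIDTH REVERSE SOLIDUS`. Because the substitution rewrites every backslash in a field, logged-in and anonymous CSV exports of the same bug now differ, which is worth a line in the filter's own documentation for consumers that compare exports. The anonymous filter sub and the enclosing `create` both begin before and end after this hunk.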