From 401b0d1301cf419ff40d7cb82d2763b13accd26a Mon Sep 17 00:00:00 2001
From: Max Kanat-Alexander
Date: Wed, 19 May 2010 10:20:09 -0700
Subject: Bug 565899: Make the html_linebreak filter safe by having it first call the "html" filter

r=LpSolit, a=LpSolit
---
 Bugzilla/Template.pm | 1 +
 t/008filter.t | 2 +-
 template/en/default/global/code-error.html.tmpl | 2 +-
 template/en/default/global/hidden-fields.html.tmpl | 2 +-
 4 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 71370a8c1..274ed8847 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -532,6 +532,7 @@ sub create {
 # See bugs 4928, 22983 and 32000 for more details
 html_linebreak => sub {
 my ($var) = @_;
+ $var = html_quote($var);
 $var =~ s/\r\n/\ /g;
 $var =~ s/\n\r/\ /g;
 $var =~ s/\r/\ /g;
diff --git a/t/008filter.t b/t/008filter.t
index e6ae4c13a..5a5b223c8 100644
--- a/t/008filter.t
+++ b/t/008filter.t
@@ -226,7 +226,7 @@ sub directive_ok {
 return 1 if $directive =~ /FILTER\ (html|csv|js|base64|url_quote|css_class_quote|
 ics|quoteUrls|time|uri|xml|lower|html_light|
 obsolete|inactive|closed|unitconvert|
- txt|none)\b/x;
+ txt|html_linebreak|none)\b/x;
 return 0;
 }
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl
index f50f60737..e3bd3ba8b 100644
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -540,7 +540,7 @@
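Review bot: The new `$var = html_quote($var);` line in the Bugzilla/Template.pm hunk must stay ahead of the `s/\r\n/…/g` substitutions that follow it, because html_quote escapes `&` and `<` and would otherwise rewrite whatever replacement text those substitutions insert (that replacement text is garbled on this page, so its exact form cannot be confirmed here); a one-line comment would protect that ordering, e.g. `# Quote first: the substitutions below insert text that html_quote must not escape.` The t/008filter.t hunk now treats `html_linebreak` as a safe stand-alone filter, which holds only because of this call, so any template still chaining `FILTER html FILTER html_linebreak` (as code-error.html.tmpl did before this commit) will now double-encode its output and is worth searching for across the template tree. The html_linebreak sub continues past the end of the hunk, so its return path is not visible here.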

Traceback:

-
[% traceback FILTER html FILTER html_linebreak %]
+
[% traceback FILTER html_linebreak %]
[% IF variables %]
diff --git a/template/en/default/global/hidden-fields.html.tmpl b/template/en/default/global/hidden-fields.html.tmpl
index 24f15c4f5..c141c6409 100644
--- a/template/en/default/global/hidden-fields.html.tmpl
+++ b/template/en/default/global/hidden-fields.html.tmpl
@@ -52,7 +52,7 @@
   [% ELSE %]
     [% FOREACH mvalue = cgi.param(field).slice(0) %]
       
+             value="[% mvalue FILTER html_linebreak %]">
     [% END %]
   [% END %]
 [% END %]
-- 