diff options
| author | endico%mozilla.org <> | 2001-03-09 09:49:41 +0000 |
|---|---|---|
| committer | endico%mozilla.org <> | 2001-03-09 09:49:41 +0000 |
| commit | 84298cd109d6419321e4fa043442a46efea9f1fe (patch) | |
| tree | be82d4bf1ef80b9bd507809e5a57eda1e6ce752a | |
| parent | e98760989ab69ac008f20d9cbaa26988bd17f2d9 (diff) | |
| download | bugs-84298cd109d6419321e4fa043442a46efea9f1fe.tar bugs-84298cd109d6419321e4fa043442a46efea9f1fe.tar.gz bugs-84298cd109d6419321e4fa043442a46efea9f1fe.tar.bz2 bugs-84298cd109d6419321e4fa043442a46efea9f1fe.tar.xz bugs-84298cd109d6419321e4fa043442a46efea9f1fe.zip | |
Patch from Jake <jake@acutex.net> for bugs 22041 and 25693 which had the same problem. HTML meta characters in the summary were not being quoted before being printed to html.
| -rwxr-xr-x | duplicates.cgi | 1 | ||||
| -rwxr-xr-x | show_bug.cgi | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/duplicates.cgi b/duplicates.cgi index a45da6bb2..c9c692ca3 100755 --- a/duplicates.cgi +++ b/duplicates.cgi @@ -142,6 +142,7 @@ foreach (@sortedcount) SendSQL("SELECT component, bug_severity, op_sys, target_milestone, short_desc FROM " . "bugs WHERE bug_id = $id"); my ($component, $severity, $op_sys, $milestone, $summary) = FetchSQLData(); + $summary = html_quote($summary); print "<tr>"; print '<td><center><A HREF="show_bug.cgi?id=' . $id . '">'; print $id . "</A></center></td>"; diff --git a/show_bug.cgi b/show_bug.cgi index 12a6755c7..1dd1f8820 100755 --- a/show_bug.cgi +++ b/show_bug.cgi @@ -50,6 +50,7 @@ GetVersionTable(); SendSQL("select short_desc from bugs where bug_id = $::FORM{'id'}"); my $summary = FetchOneColumn(); if( $summary ) { + $summary = html_quote($summary); PutHeader("Bug $::FORM{'id'} - $summary", "Bugzilla Bug $::FORM{'id'}", $summary ); }else { PutHeader("Bugzilla bug $::FORM{'id'}", "Bugzilla Bug", $::FORM{'id'}); |