Bug 367674: [SECURITY] XSS when reading Atom feeds due to unescaped HTML

Patch By Frédéric Buclin <LpSolit@gmail.com> r=bkor, a=mkanat
mkanat%bugzilla.org 2007-02-02 21:40:06 +00:00
Parent 8c61d81f9f
Commit e6bc39d124
1 changed file with 12 additions and 12 deletions


@ -62,23 +62,23 @@
<tr> <tr>
<th>Field</th><th>Value</th> <th>Field</th><th>Value</th>
</tr><tr> </tr><tr>
<td>[% columns.opendate.title FILTER none %]</td> <td>[% columns.opendate.title FILTER html %]</td>
<td>[% bug.opendate FILTER none %]</td> <td>[% bug.opendate FILTER html %]</td>
</tr><tr> </tr><tr>
<td>[% columns.assigned_to_realname.title FILTER none %]</td> <td>[% columns.assigned_to_realname.title FILTER html %]</td>
<td>[% bug.assigned_to_realname FILTER none %]</td> <td>[% bug.assigned_to_realname FILTER html %]</td>
</tr><tr> </tr><tr>
<td>[% columns.priority.title FILTER none %]</td> <td>[% columns.priority.title FILTER html %]</td>
<td>[% bug.priority FILTER none %]</td> <td>[% bug.priority FILTER html %]</td>
</tr><tr> </tr><tr>
<td>[% columns.bug_severity.title FILTER none %] </td> <td>[% columns.bug_severity.title FILTER html %] </td>
<td>[% bug.bug_severity FILTER none %]</td> <td>[% bug.bug_severity FILTER html %]</td>
</tr><tr> </tr><tr>
<td>[% columns.bug_status.title FILTER none %]</td> <td>[% columns.bug_status.title FILTER html %]</td>
<td>[% bug.bug_status FILTER none %]</td> <td>[% bug.bug_status FILTER html %]</td>
</tr><tr> </tr><tr>
<td>[% columns.changeddate.title FILTER none %]</td> <td>[% columns.changeddate.title FILTER html %]</td>
<td>[% bug.changeddate FILTER none -%]</td> <td>[% bug.changeddate FILTER html -%]</td>
</tr> </tr>
</table> </table>
[% END %] [% END %]
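Review bot: No regression test covers the twelve directives switched from `FILTER none` to `FILTER html` in this table, and `bug.assigned_to_realname` is the one most likely to carry user-supplied markup. Consider adding a test that renders the feed with a real name containing something like `<b>x</b>` and asserts that the output contains `&lt;b&gt;`. The hunk only covers lines 62 to 84, and the closing `[% END %]` belongs to a block opened above it, so the rest of the template should also be checked for remaining `FILTER none` uses on bug or column data. Where one is intentional, a short comment explaining why it is safe would stop it from being reintroduced.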