Bug 842063: HTML injection is possible using the bug alias

r=dkl a=LpSolit git-svn-id: svn://10.0.0.236/trunk@264756 18797224-902f-48f8-a5cc-f745e15eee43
2013-02-18 12:30:50 +00:00 · 2013-02-18 12:30:50 +00:00 · e2adc8711a
commit e2adc8711a
parent c9f1c0d400
2 changed files with 5 additions and 3 deletions
--- a/mozilla/webtools/bugzilla/.bzrrev
+++ b/mozilla/webtools/bugzilla/.bzrrev
@ -1 +1 @@
-8583
+8584
--- a/mozilla/webtools/bugzilla/template/en/default/bug/show-header.html.tmpl
+++ b/mozilla/webtools/bugzilla/template/en/default/bug/show-header.html.tmpl
@ -13,12 +13,14 @@
  # be overridden by the calling templates.
  #%]

+[% filtered_alias = bug.alias FILTER html %]
 [% filtered_desc = bug.short_desc FILTER html %]
-[% subheader = filtered_desc %]
 [% filtered_timestamp = bug.delta_ts FILTER time %]
+
+[% subheader = filtered_desc %]
 [% title = "$terms.Bug $bug.bug_id &ndash; " %]
 [% IF bug.alias != '' %]
-  [% title = title _ "($bug.alias) " %]
+  [% title = title _ "($filtered_alias) " %]
 [% END %]
 [% title = title _ filtered_desc %]
 [% yui = ['autocomplete', 'calendar'] %]