But 800196: Sanitise line-endings for textarea fields

r=glob, a=LpSolit

https://bugzilla.mozilla.org/show_bug.cgi?id=800196

diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 5a8965398bbda49934de5b3b2b1b5bbb7cf4e4b4..666ee59e27cd0402d332b5a80fce6c6f136560c2 100644 (file)
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -151,6 +151,9 @@ sub VALIDATORS {
         elsif ($field->type == FIELD_TYPE_BUG_ID) {
             $validator = \&_check_bugid_field;
         }
+        elsif ($field->type == FIELD_TYPE_TEXTAREA) {
+            $validator = \&_check_textarea_field;
+        }
         else {
             $validator = \&_check_default_field;
         }
@@ -2021,6 +2024,19 @@ sub _check_bugid_field {
     return $checked_id;
 }
 
+sub _check_textarea_field {
+    my ($invocant, $text, $field) = @_;
+
+    $text = (defined $text) ? trim($text) : '';
+
+    # Web browsers submit newlines as \r\n.
+    # Sanitize all input to match the web standard.
+    # XMLRPC input could be either \n or \r\n
+    $text =~ s/\r?\n/\r\n/g;
+
+    return $text;
+}
+
 sub _check_relationship_loop {
     # Generates a dependency tree for a given bug.  Calls itself recursively
     # to generate sub-trees for the bug's dependencies.