Bug 752751: Perl modules that start with a protocol (eg HTTP::Header) are not escaped...

author Simon Green <sgreen+mozilla@redhat.com>

Thu, 17 May 2012 13:23:35 +0000 (15:23 +0200)

committer Frédéric Buclin <LpSolit@gmail.com>

Thu, 17 May 2012 13:23:35 +0000 (15:23 +0200)
author Simon Green <sgreen+mozilla@redhat.com>
Thu, 17 May 2012 13:23:35 +0000 (15:23 +0200)
committer Frédéric Buclin <LpSolit@gmail.com>
Thu, 17 May 2012 13:23:35 +0000 (15:23 +0200)
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm

index 527b704b275321c2987c7bff0a5dd52a718dca63..c907f92674f057cdf98ac8333263ebd7c3737a9b 100644 (file)
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -69,7 +69,7 @@ use constant FORMAT_2_SIZE => [19,55];
  # Pseudo-constant.
  sub SAFE_URL_REGEXP {
      my $safe_protocols = join('|', SAFE_PROTOCOLS);
-    return qr/($safe_protocols):[^\s<>\"]+[\w\/]/i;
+    return qr/($safe_protocols):[^:\s<>\"][^\s<>\"]+[\w\/]/i;
  }
  
  # Convert the constants in the Bugzilla::Constants module into a hash we can
author	Simon Green <sgreen+mozilla@redhat.com>
	Thu, 17 May 2012 13:23:35 +0000 (15:23 +0200)
committer	Frédéric Buclin <LpSolit@gmail.com>
	Thu, 17 May 2012 13:23:35 +0000 (15:23 +0200)