]> git.ipfire.org Git - thirdparty/bugzilla.git/commitdiff
projects / thirdparty / bugzilla.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 42ae6d0)
Bug 1134743: javascript filter should escape unicode line and paragraph separators...
authorByron Jones <glob@mozilla.com>
Thu, 4 Jun 2015 13:46:42 +0000 (21:46 +0800)
committerByron Jones <glob@mozilla.com>
Thu, 4 Jun 2015 13:46:42 +0000 (21:46 +0800)
r=dylan,a=glob

Bugzilla/Template.pm patch | blob | blame | history

diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index acfc5a50f086ad8b7af69e56e5ce0274767e0d12..72d899c4d700c524b883b55cb11fc697b8f225df 100644 (file)
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -631,6 +631,8 @@ sub create {
                 $var =~ s/([\\\'\"\/])/\\$1/g;
                 $var =~ s/\n/\\n/g;
                 $var =~ s/\r/\\r/g;
+                $var =~ s/\x{2028}/\\u2028/g; # unicode line separator
+                $var =~ s/\x{2029}/\\u2029/g; # unicode paragraph separator
                 $var =~ s/\@/\\x40/g; # anti-spam for email addresses
                 $var =~ s/</\\x3c/g;
                 $var =~ s/>/\\x3e/g;
Mirror of https://github.com/bugzilla/bugzilla.git