]> git.ipfire.org Git - thirdparty/bugzilla.git/commitdiff
projects / thirdparty / bugzilla.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a3da37a)
Bug 1134743: javascript filter should escape uncode line and paragraph separators...
authorByron Jones <glob@mozilla.com>
Tue, 24 Feb 2015 05:17:16 +0000 (13:17 +0800)
committerByron Jones <glob@mozilla.com>
Tue, 24 Feb 2015 05:17:16 +0000 (13:17 +0800)
r=dylan,a=glob

Bugzilla/Template.pm patch | blob | blame | history

diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 066f9dc3056146332a04eb970b1065ef32b845b5..3f3d5f399374065499b13bc5fddf11df63a6b859 100644 (file)
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -766,6 +766,8 @@ sub create {
                 $var =~ s/([\\\'\"\/])/\\$1/g;
                 $var =~ s/\n/\\n/g;
                 $var =~ s/\r/\\r/g;
+                $var =~ s/\x{2028}/\\u2028/g; # unicode line separator
+                $var =~ s/\x{2029}/\\u2029/g; # unicode paragraph separator
                 $var =~ s/\@/\\x40/g; # anti-spam for email addresses
                 $var =~ s/</\\x3c/g;
                 $var =~ s/>/\\x3e/g;
Mirror of https://github.com/bugzilla/bugzilla.git