But 800196: Sanitise line-endings for textarea fields

r=glob, a=LpSolit

https://bugzilla.mozilla.org/show_bug.cgi?id=800196

diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 3b14c4cb281d336720f1e4f2deca8809b0aae56f..4a172375401573bd045a4f1d481fc78554e8cc0e 100644 (file)
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -152,6 +152,9 @@ sub VALIDATORS {
         elsif ($field->type == FIELD_TYPE_BUG_ID) {
             $validator = \&_check_bugid_field;
         }
+        elsif ($field->type == FIELD_TYPE_TEXTAREA) {
+            $validator = \&_check_textarea_field;
+        }
         else {
             $validator = \&_check_default_field;
         }
@@ -2022,6 +2025,19 @@ sub _check_bugid_field {
     return $checked_id;
 }
 
+sub _check_textarea_field {
+    my ($invocant, $text, $field) = @_;
+
+    $text = (defined $text) ? trim($text) : '';
+
+    # Web browsers submit newlines as \r\n.
+    # Sanitize all input to match the web standard.
+    # XMLRPC input could be either \n or \r\n
+    $text =~ s/\r?\n/\r\n/g;
+
+    return $text;
+}
+
 sub _check_relationship_loop {
     # Generates a dependency tree for a given bug.  Calls itself recursively
     # to generate sub-trees for the bug's dependencies.