Bug 752751: Perl modules that start with a protocol (eg HTTP::Header) are not escaped...

author Simon Green <sgreen+mozilla@redhat.com>

Thu, 17 May 2012 13:16:45 +0000 (15:16 +0200)

committer Frédéric Buclin <LpSolit@gmail.com>

Thu, 17 May 2012 13:16:45 +0000 (15:16 +0200)
author Simon Green <sgreen+mozilla@redhat.com>
Thu, 17 May 2012 13:16:45 +0000 (15:16 +0200)
committer Frédéric Buclin <LpSolit@gmail.com>
Thu, 17 May 2012 13:16:45 +0000 (15:16 +0200)
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm

index e5bd8edb74773f5c2f9b9ebebbc7b20f74d637e4..a2efec48c48303c2ba1cdf507647b98ab86b3e02 100644 (file)
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -43,7 +43,7 @@ use constant FORMAT_2_SIZE => [19,55];
  # Pseudo-constant.
  sub SAFE_URL_REGEXP {
      my $safe_protocols = join('|', SAFE_PROTOCOLS);
-    return qr/($safe_protocols):[^\s<>\"]+[\w\/]/i;
+    return qr/($safe_protocols):[^:\s<>\"][^\s<>\"]+[\w\/]/i;
  }
  
  # Convert the constants in the Bugzilla::Constants and Bugzilla::WebService::Constants
author	Simon Green <sgreen+mozilla@redhat.com>
	Thu, 17 May 2012 13:16:45 +0000 (15:16 +0200)
committer	Frédéric Buclin <LpSolit@gmail.com>
	Thu, 17 May 2012 13:16:45 +0000 (15:16 +0200)