From: justdave%syndicomm.com <> Date: Thu, 18 Sep 2003 05:12:56 +0000 (+0000) Subject: Bug 219216: Javascript improperly using FILTER html instead of FILTER js causing... X-Git-Tag: bugzilla-2.17.5~56 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0ca55bd31d48436feabd6ad474eb2900c937e768;p=thirdparty%2Fbugzilla.git Bug 219216: Javascript improperly using FILTER html instead of FILTER js causing data with @ produced by javascript to show up as @ r=timeless, a=justdave --- diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index f3e3685f73..f9342e11f5 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -194,6 +194,7 @@ sub create { $var =~ s/([\\\'\"])/\\$1/g; $var =~ s/\n/\\n/g; $var =~ s/\r/\\r/g; + $var =~ s/\@/\\x40/g; # anti-spam for email addresses return $var; }, diff --git a/template/en/default/bug/create/create.html.tmpl b/template/en/default/bug/create/create.html.tmpl index b15efffac1..507324bf7a 100644 --- a/template/en/default/bug/create/create.html.tmpl +++ b/template/en/default/bug/create/create.html.tmpl @@ -33,8 +33,8 @@ var default_owners = new Array([% component_.size %]); var components = new Array([% component_.size %]); [% count = 0 %] [%- FOREACH c = component_ %] - components[[% count %]] = "[% c.name FILTER html %]"; - default_owners[[% count %]] = "[% c.default_login FILTER html %]"; + components[[% count %]] = "[% c.name FILTER js %]"; + default_owners[[% count %]] = "[% c.default_login FILTER js %]"; [% count = count + 1 %] [%- END %] var last_default_owner;