From: Byron Jones Date: Tue, 12 May 2015 03:20:37 +0000 (+0800) Subject: Bug 1163393: XSS in the new jQuery autocomplete code X-Git-Tag: release-5.1.1~252 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7f3cc6428c61dde8afbbe4ba6f7a50728af2449a;p=thirdparty%2Fbugzilla.git Bug 1163393: XSS in the new jQuery autocomplete code r=dkl,a=glob
---
diff --git a/js/field.js b/js/field.js
index f55852671b..5a48db471c 100644
--- a/js/field.js
+++ b/js/field.js
@@ -844,8 +844,12 @@ $(function() {
 };
 },
 formatResult: function(suggestion, currentValue) {
- return suggestion.data.name === '' ?
- suggestion.data.login : suggestion.data.name + ' (' + suggestion.data.login + ')';
+ return (suggestion.data.name === '' ?
+ suggestion.data.login : suggestion.data.name + ' (' + suggestion.data.login + ')')
+ .replace(/&/g, '&')
+ .replace(//g, '>')
+ .replace(/"/g, '"');
 },
 onSearchStart: function(params) {
 var that = $(this);
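Review bot: The escaping chain added to formatResult covers `&`, `<`, `>` and `"` but not the single quote, so a name or login containing `'` still reaches the widget's markup unescaped; appending `.replace(/'/g, '&#39;')` to the chain closes that gap at no cost and keeps the output safe if it is ever placed in a single-quoted attribute. As displayed here the replacement strings read `'&'`, `'>'` and `'"'` and the `<`/`>` lines appear fused into `.replace(//g, '>')`, which looks like entity decoding by this page rather than the committed text (the header's +12 count also implies two more added lines than are visible) — worth confirming the file contains `&amp;`, `&lt;`, `&gt;` and `&quot;`, since the chain as shown would be a no-op for `&` and would insert `>` between characters. Moving the chain into a small named helper in field.js, e.g. `escapeHtml(text)`, would also let other formatters reuse one audited implementation instead of repeating an inline sequence. The enclosing options object and the `$(function() {` wrapper extend beyond the hunk.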