Bug 314659 - Provide more information for the Atom summary
Status: RESOLVED FIXED (Closed)
Opened 19 years ago; closed 17 years ago
Categories: Bugzilla :: Query/Bug List, enhancement
Target Milestone: Bugzilla 3.2
People: Reporter: LpSolit, Assigned: LpSolit
References: Blocks 1 open bug
Attachments: 1 file, 2 obsolete files
  patch (3.83 KB) - review+ by bugzilla-mozilla

Description:
The reporter should be in the summary itself, as well as the resolution of the bug (actually, only its status is given) and its description (aka comment 0).
Comment 1•19 years ago (Assignee)
Attachment #201561 - Flags: review?(bugreport)
Updated•19 years ago (Assignee)
Attachment #201561 - Flags: review?(myk)
Updated•19 years ago
Attachment #201561 - Flags: review?(bugreport) → review+
Updated•19 years ago (Assignee)
Attachment #201561 - Flags: review?(myk)
Updated•19 years ago (Assignee)
Status: NEW → ASSIGNED
Flags: approval?
Updated•19 years ago
Flags: approval? → approval+
Updated•19 years ago
Flags: approval+ → approval?
Comment 4•18 years ago (Assignee)
I don't have time to play with it before 3.0
Assignee: LpSolit → query-and-buglist
Status: ASSIGNED → NEW
Target Milestone: Bugzilla 3.0 → ---
Comment 5•17 years ago (Assignee)
Compared to the initial patch, I dropped the initial comment. We can add it separately if we want to.
Assignee: query-and-buglist → LpSolit
Attachment #201561 - Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #251569 - Flags: review?(bugzilla-mozilla)
Updated•17 years ago (Assignee)
Summary: Give more information in the RSS summary → Provide more information for the Atom summary
Comment 6•17 years ago
Comment on attachment 251569: patch, v2

>Index: template/en/default/list/list.atom.tmpl
>+ </tr><tr class="bz_feed_assignee">
> <td>[% columns.assigned_to_realname.title FILTER none %]</td>
> <td>[% bug.assigned_to_realname FILTER none %]</td>

I do not understand why this is FILTER none. If I change my realname to 'Olav <b>Vitters</b>', Firefox shows Vitters as bold within the Atom field, just as I would expect. I did see the FILTER xml, but that is just some Atom-specific thing (because the HTML has to be escaped). Bug.assigned_to_realname should still be escaped, otherwise Atom clients which interpret the <td> will look at a <b> (etc.) within a realname as well. Same for the other fields.
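Review bot: `[% bug.assigned_to_realname FILTER none %]` emits a user-controlled value without HTML escaping inside a `<summary type="html">` body; the surrounding `FILTER xml` only protects the XML layer, so once a client XML-decodes the summary it interprets any markup in the realname (the `<b>` case above) as HTML. Use `FILTER html` on the realname, and on the other per-bug values in the same table, so clients display such markup literally.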
Attachment #251569 - Flags: review?(bugzilla-mozilla) → review-
Comment 7•17 years ago (Assignee)
FILTER none -> FILTER html in the <summary> section as it uses type="html" and all HTML tags MUST be filtered, per the Atom specs: http://www.ietf.org/rfc/rfc4287
Attachment #251569 - Attachment is obsolete: true
Attachment #252207 - Flags: review?(bugzilla-mozilla)
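The two layers of escaping discussed in comments 6 and 7, as an added Python illustration (this is not Bugzilla's Template Toolkit code): the body of `<summary type="html">` is HTML, so a user-controlled field such as the assignee realname needs HTML escaping (the `FILTER html` fix) before that whole body is XML-escaped into the feed (the existing `FILTER xml`). The field list, the bug id and the `Olav <b>Vitters</b>` realname are constructed sample data built from the thread's own example; `xml.etree` plays the feed writer and `html.parser` plays an Atom client's HTML renderer, and both of those roles are assumptions of this example.

```python
"""Escaping user-supplied fields inside an Atom <summary type="html"> element.

Added example, not Bugzilla code. Two escaping layers are modelled:
  1. the summary body is HTML, so field values need HTML escaping
     (Bugzilla's "FILTER html");
  2. the body is then a text node in XML, so it is XML-escaped as a whole
     (Bugzilla's "FILTER xml"), which ElementTree does for us.
"""
import html
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

ATOM_NS = "http://www.w3.org/2005/Atom"

# Constructed sample data: one field value is a user-controlled realname
# carrying markup (the realname from comment 6 of the bug).
SAMPLE_FIELDS = [
    ("Status", "NEW"),
    ("Assignee", "Olav <b>Vitters</b>"),
]


def render_summary_html(fields, escape_values):
    """Build the HTML table that goes into <summary type="html">.

    escape_values=False reproduces the 'FILTER none' behaviour under review;
    escape_values=True applies the 'FILTER html' fix to each value.
    """
    rows = []
    for title, value in fields:
        if escape_values:
            value = html.escape(value, quote=True)
        rows.append(f"<tr><td>{html.escape(title)}</td><td>{value}</td></tr>")
    return "<table>" + "".join(rows) + "</table>"


def build_atom_entry(bug_id, fields, escape_values=True):
    """Serialise one Atom entry. ElementTree XML-escapes the summary text
    node, which is the equivalent of the template's outer 'FILTER xml'."""
    entry = ET.Element("entry", xmlns=ATOM_NS)
    ET.SubElement(entry, "title").text = f"Bug {bug_id}"
    summary = ET.SubElement(entry, "summary", type="html")
    summary.text = render_summary_html(fields, escape_values)
    return ET.tostring(entry, encoding="unicode")


def client_summary_html(atom_xml):
    """What an Atom client gets after XML-decoding the summary: a string
    it will hand to its HTML renderer because of type="html"."""
    root = ET.fromstring(atom_xml)
    return root.find(f"{{{ATOM_NS}}}summary").text


class _TagCounter(HTMLParser):
    """Counts start tags: a stand-in for a client's (non-sanitising)
    HTML renderer, so we can see which tags it would act on."""

    def __init__(self):
        super().__init__()
        self.counts = {}

    def handle_starttag(self, tag, attrs):
        self.counts[tag] = self.counts.get(tag, 0) + 1


def tags_seen_by_client(atom_xml):
    """Tag counts the client's HTML renderer would interpret for this entry."""
    counter = _TagCounter()
    counter.feed(client_summary_html(atom_xml))
    return counter.counts


if __name__ == "__main__":
    for escaped in (False, True):
        entry_xml = build_atom_entry(314659, SAMPLE_FIELDS, escape_values=escaped)
        print(f"escape_values={escaped}: client interprets {tags_seen_by_client(entry_xml)}")
```

With `escape_values=False` the renderer sees a live `<b>` inside the assignee cell (the bold "Vitters" from comment 6); with the fix it sees only the table structure the template intended, and the feed bytes carry the realname double-escaped (`&amp;lt;b&amp;gt;`), which is correct for HTML inside an XML text node. The parser here deliberately does not sanitise, which is why the difference is visible; a client that strips tags on its own, as comment 11 reports for Sage, would mask the missing output escaping without fixing it.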
Updated•17 years ago
Attachment #252207 - Flags: review?(bugzilla-mozilla) → review+
Updated•17 years ago
Flags: approval?
Target Milestone: --- → Bugzilla 3.0
Comment 8•17 years ago
Comment on attachment 252207: patch, v3
By the way, why didn't you just change it to serve up columns based on the columnlist parameter? This is what clients keep asking me for, personally.
Comment 9•17 years ago (Assignee)
Phil, it appears that the data in <summary> is currently incorrectly escaped, see my patch. Is there actually any *security* risk? If yes, then we will have to backport the filtering part of my patch on all branches.
Group: webtools-security
Comment 10•17 years ago
I'm fairly sure that this is a security bug for the same reason that bug 313441 was.
Depends on: 313441
Updated•17 years ago (Assignee)
Target Milestone: Bugzilla 3.0 → Bugzilla 3.2
Comment 11•17 years ago (Assignee)
Note that I couldn't exploit this issue with the Sage extension of Firefox. It seems to sanitize the fields for me (at least when the field contains <script>, </tr>, </td>, ...).
Comment 12•17 years ago
Sigh. Yes, it's security and needs to be backported, because an untrusted person could assign himself to a bug you'll see, with a script-injecting realname. Sorry, I'm too used to systems that would refuse or strip that realname on input, rather than escape it on output.
Comment 13•17 years ago
Since I don't see it mentioned here, the security portion of this bug was spun off as bug 367674.
Comment 14•17 years ago
Security advisory posted for bug 367674, so unlocking this bug.
Group: webtools-security
Updated•17 years ago (Assignee)
Flags: approval? → approval+
Comment 15•17 years ago (Assignee)
Checking in buglist.cgi;
/cvsroot/mozilla/webtools/bugzilla/buglist.cgi,v <-- buglist.cgi
new revision: 1.352; previous revision: 1.351
done
Checking in template/en/default/list/list.atom.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/list/list.atom.tmpl,v <-- list.atom.tmpl
new revision: 1.3; previous revision: 1.2
done
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Comment 17•16 years ago
Added to the release notes for Bugzilla 3.2 in a patch on bug 432331.
Keywords: relnote