Closed Bug 314659 Opened 19 years ago Closed 17 years ago

Provide more information for the Atom summary

Categories

(Bugzilla :: Query/Bug List, enhancement)

2.21
enhancement
Not set
normal

Tracking


RESOLVED FIXED
Bugzilla 3.2

People

(Reporter: LpSolit, Assigned: LpSolit)

References

(Blocks 1 open bug)

Details

Attachments

(1 file, 2 obsolete files)

The reporter should be in the summary itself, as well as the resolution of the bug (actually, only its status is given) and its description (aka comment 0).
Attached patch patch, v1 (obsolete) — Splinter Review
Attachment #201561 - Flags: review?(bugreport)
Attachment #201561 - Flags: review?(myk)
Attachment #201561 - Flags: review?(bugreport) → review+
Attachment #201561 - Flags: review?(myk)
Status: NEW → ASSIGNED
Flags: approval?
Flags: approval? → approval+
Flags: approval+ → approval?
This patch also seems to fix bug 127799 as a side effect...
Blocks: 127799
list.rss.html no longer exists.
Flags: approval?
I don't have time to play with it before 3.0
Assignee: LpSolit → query-and-buglist
Status: ASSIGNED → NEW
Target Milestone: Bugzilla 3.0 → ---
Attached patch patch, v2 (obsolete) — Splinter Review
Compared to the initial patch, I dropped the initial comment. We can add it separately if we want to.
Assignee: query-and-buglist → LpSolit
Attachment #201561 - Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #251569 - Flags: review?(bugzilla-mozilla)
Summary: Give more information in the RSS summary → Provide more information for the Atom summary
Comment on attachment 251569 [details] [diff] [review]
patch, v2

>Index: template/en/default/list/list.atom.tmpl

>+      </tr><tr class="bz_feed_assignee">
>         <td>[% columns.assigned_to_realname.title FILTER none %]</td>
>         <td>[% bug.assigned_to_realname FILTER none %]</td>
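Review bot: `[% bug.assigned_to_realname FILTER none %]` in the new bz_feed_assignee row emits a user-controlled real name as raw HTML inside the `<summary type="html">` block. The surrounding FILTER xml only entity-escapes the block so the feed is well-formed XML; a feed reader decodes that layer and then parses the result as HTML, so any markup in the real name is rendered as markup. Suggest `[% bug.assigned_to_realname FILTER html %]` here and on every other per-bug value cell in the table; the `columns.*.title` cells are template-supplied strings rather than bug data, so they are the only ones where FILTER none is defensible.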

I do not understand why this is FILTER none. If I change my realname to 'Olav <b>Vitters</b>' Firefox shows Vitters as bold within the Atom field, just as I would expect. I did see the FILTER xml, but that is just some Atom-specific thing (because the HTML has to be escaped). Bug.assigned_to_realname should still be escaped, otherwise Atom clients which interpret the <td> will look at a <b> (etc.) within a realname as well. Same for the other fields.
Attachment #251569 - Flags: review?(bugzilla-mozilla) → review-
Attached patch patch, v3 — Splinter Review
FILTER none -> FILTER html in the <summary> section as it uses type="html" and all HTML tags MUST be filtered, per the Atom specs: http://www.ietf.org/rfc/rfc4287
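The two escaping layers discussed in the review comment above and in the v3 patch description, as an added example; this is not Bugzilla code and not the list.atom.tmpl template. The sample bug fields (including the hostile real name) are constructed for the demonstration, and `summary_html`, `atom_entry` and `injected_tags` are illustrative names. The inner layer stands in for the template's per-field `FILTER html`; the outer layer stands in for the block-level `FILTER xml` that RFC 4287 requires for `type="html"` content. `reader_tags` models what a feed reader does: undo the XML layer, then parse the remaining text as HTML.

```python
"""Added example (not Bugzilla's own code): escaping layers for an Atom
<summary type="html"> and what a feed reader sees when the inner HTML
layer is skipped ('FILTER none') versus applied ('FILTER html')."""
import re
from html import escape as html_escape
from xml.etree import ElementTree as ET
from xml.sax.saxutils import escape as xml_escape

ATOM_NS = "http://www.w3.org/2005/Atom"

# Constructed sample: a bug whose assignee chose a hostile real name.
SAMPLE_FIELDS = [
    ("Reporter", "Frédéric Buclin"),
    ("Assignee", 'Olav <b>Vitters</b><script>alert("xss")</script>'),
    ("Status", "NEW"),
]


def summary_html(fields, escape_values):
    """Build the HTML table that goes inside <summary>.

    escape_values=False mimics the template's original 'FILTER none' on
    per-bug values; True mimics the fixed 'FILTER html'. Column titles are
    template-supplied, so they are escaped unconditionally here.
    """
    rows = []
    for title, value in fields:
        cell = html_escape(value, quote=True) if escape_values else value
        rows.append(
            f'<tr class="bz_feed_{title.lower()}">'
            f"<td>{html_escape(title)}</td><td>{cell}</td></tr>"
        )
    return "<table>" + "".join(rows) + "</table>"


def atom_entry(fields, escape_values):
    """Wrap the HTML in <summary type="html">.

    RFC 4287 section 3.1.1.2: type="html" content is carried as
    entity-escaped HTML, so the whole block is XML-escaped once more
    (the template's outer 'FILTER xml'). This layer is always applied;
    it is the inner one that the bug was about.
    """
    inner = summary_html(fields, escape_values)
    return (
        f'<entry xmlns="{ATOM_NS}">'
        f'<summary type="html">{xml_escape(inner)}</summary></entry>'
    )


def reader_tags(entry_xml):
    """Model a feed reader: parse the XML (undoing the outer layer), then
    treat the summary text as HTML. Returns the distinct tag names an HTML
    parser would see in that text."""
    root = ET.fromstring(entry_xml)
    html_markup = root.find(f"{{{ATOM_NS}}}summary").text
    names = re.findall(r"</?([a-z][a-z0-9]*)", html_markup, re.IGNORECASE)
    return sorted({n.lower() for n in names})


def injected_tags(entry_xml):
    """Tags beyond the table skeleton; anything here came from a bug field."""
    return sorted(set(reader_tags(entry_xml)) - {"table", "tr", "td"})


if __name__ == "__main__":
    for escaped in (False, True):
        feed = atom_entry(SAMPLE_FIELDS, escape_values=escaped)
        print("FILTER html" if escaped else "FILTER none", "->",
              injected_tags(feed) or "no injected markup")
```

With the inner layer skipped the reader ends up parsing `<b>` and `<script>` from the real name; with it applied the real name survives only as `&lt;b&gt;Vitters&lt;/b&gt;` text inside the decoded summary, which is exactly the double-escaped form the Atom spec intends. Note that Sage-style clients which additionally strip markup would hide the first case, which is why testing with one reader proved nothing.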
Attachment #251569 - Attachment is obsolete: true
Attachment #252207 - Flags: review?(bugzilla-mozilla)
Attachment #252207 - Flags: review?(bugzilla-mozilla) → review+
Flags: approval?
Target Milestone: --- → Bugzilla 3.0
Comment on attachment 252207 [details] [diff] [review]
patch, v3

By the way, why didn't you just change it to serve up columns based on the columnlist parameter? This is what clients keep asking me for, personally.
Phil, it appears that the data in <summary> is currently incorrectly escaped, see my patch. Is there actually any *security* risk? If yes, then we will have to backport the filtering part of my patch on all branches.
Group: webtools-security
I'm fairly sure that this is a security bug for the same reason that bug 313441 was.
Depends on: 313441
Target Milestone: Bugzilla 3.0 → Bugzilla 3.2
Note that I couldn't exploit this issue with the Sage extension of Firefox. It seems to sanitize the fields for me (at least when the field contains <script>, </tr>, </td>, ...).
Sigh. Yes, it's security and needs to be backported, because an untrusted person could assign himself to a bug you'll see, with a script-injecting realname. Sorry, I'm too used to systems that would refuse or strip that realname on input, rather than escape it on output. 
Depends on: 367674
Since I don't see it mentioned here, the security portion of this bug was spun off as bug 367674.
Security advisory posted for bug 367674, so unlocking this bug.
Group: webtools-security
Flags: approval? → approval+
Checking in buglist.cgi;
/cvsroot/mozilla/webtools/bugzilla/buglist.cgi,v  <--  buglist.cgi
new revision: 1.352; previous revision: 1.351
done
Checking in template/en/default/list/list.atom.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/list/list.atom.tmpl,v  <--  list.atom.tmpl
new revision: 1.3; previous revision: 1.2
done
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
Keywords: relnote
Added to the release notes for Bugzilla 3.2 in a patch on bug 432331.
Keywords: relnote