Closed Bug 1093420 Opened 10 years ago Closed 9 years ago

Over-escaped HTML entities in feed collection pages

Categories

(Marketplace Graveyard :: Consumer Pages, defect, P3)

Product:
Marketplace Graveyard
Component:
Consumer Pages
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: cvan, Assigned: spasovski)

References

(
URL
)

Details

(Keywords: regression, Whiteboard: [ktlo]) 

1. Load homepage on -dev: https://marketplace-dev.allizom.org

2. Notice the collection title + description:

>    this is a mega collection"><script>alert('****')</script><"
>    "><script>alert('****')</script><"

https://www.dropbox.com/s/xb2jmh5cfv420p0/Screenshot%202014-11-03%2017.52.22.png?dl=0

3. Click the collection title to load its collection detail page: https://marketplace-dev.allizom.org/feed/collection/this-is-a-mega-collection?src=collection-element

4. Notice the title is fine, but the description is overescaped:

>    this is a mega collection"><script>alert('****')</script><"
>    "&gt;&lt;script&gt;alert('****')&lt;/script&gt;&lt;"

https://www.dropbox.com/s/rndgo91gm89ebc5/Screenshot%202014-11-03%2017.52.29.png?dl=0
Assignee: nobody → dspasovski
Blocks: 1103195
https://github.com/mozilla/fireplace/pull/1017
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
See Also: → 1142301
Whiteboard: [ktlo]
Status: RESOLVED → REOPENED
Keywords: regression
Resolution: FIXED → ---
Probably fixed by now.
Status: REOPENED → RESOLVED
Closed: 9 years ago9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.