Navigation in dependency tree lose hide_resolved parameter

RESOLVED FIXED

Status

()

Bugzilla
Dependency Views
RESOLVED FIXED
2 years ago
a year ago

People

(Reporter: Christophe JAILLET, Assigned: Christophe JAILLET)

Tracking

4.4.7

Details

Attachments

(1 attachment)

(Assignee)

Description

2 years ago
User Agent: Mozilla/5.0 (Windows NT 5.1; rv:44.0) Gecko/20100101 Firefox/44.0
Build ID: 20160210153822

Steps to reproduce:

Open a bug which has some closed and opened dependencies.
View the dependency tree for this bug.

By default, we have hide_resolved=1 and only the opened bug are displayed.


Actual results:

The dependency tree is displayed and on the right of each bug, a small tree is displayed in order to switch to its dependency tree.

However, these links don't have any hide_resolved=1 (as for the initial display). hide_resolved could also have the value of the current display (if the user has turned on/off the display of closed bug)

Having no hide_resolved parameter, the displayed page behave as if hide_resolved=0 was used.


Expected results:

The behavior of the HMI should be consistent.
(Assignee)

Comment 1

a year ago
Created attachment 8846312 [details] [diff] [review]
1254514.patch
Attachment #8846312 - Flags: review?(dkl)
Assignee: dependency.views → christophe.jaillet
Comment on attachment 8846312 [details] [diff] [review]
1254514.patch

Review of attachment 8846312 [details] [diff] [review]:
-----------------------------------------------------------------

r+ with fixes (I'll commit) [% hide_resolved FILTER html %] or [% hide_resolved ? 1 : 0 %] to prevent XSS.

::: template/en/default/bug/dependency-tree.html.tmpl
@@ +145,4 @@
>        <span class="summ_text">[%+ bug.short_desc FILTER html %]</span>
>        <span class="summ_info">[[% INCLUDE buginfo %]]</span>
>      </a>
> +    <a href="showdependencytree.cgi?id=[% bugid FILTER uri %]&amp;hide_resolved=[% hide_resolved %]"

needs FILTER HTML or else this is a potential XSS.
Attachment #8846312 - Flags: review?(dkl) → review+
To github.com:bugzilla/bugzilla.git
   9f175f1fb..b15cb6e72  master -> master
Status: UNCONFIRMED → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.