Closed Bug 126029 Opened 23 years ago Closed 22 years ago

cvsblame does not HTML escape log messages

Categories

(Webtools Graveyard :: Bonsai, defect, P1)

Product:
Webtools Graveyard
Component:
Bonsai
Platform:
x86
Linux
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: caillon, Assigned: endico)

References

(
URL
)

Details

Attachments

(1 file)

Patch
833 bytes, patch
caillon
: review+
Details | Diff | Splinter Review 
If the log contains < > or & then we need to escape it.

As an example, in the URL hover over:  bzbarsky 1.46

The HTML output is as follows.

<div id="rev_1.46" class="log_msg" style="display:none"><b>1.46</b> &lt;<a
href='mailto:bzbarsky@mit.edu'>bzbarsky@mit.edu</a>&gt; <b>24 Jan 2002
13:19</b><br><spacer TYPE=VERTICAL SIZE=5>Make computed border-style and float
be "none" by default.  Bugs <a
HREF="http://bugzilla.mozilla.org/show_bug.cgi?id=120982">120982</a><br>and <a
HREF="http://bugzilla.mozilla.org/show_bug.cgi?id=120965">120965</a>, patch by
Christopher Aillon <caillon@returnzero.com>,<br>r=bzbarsky, sr=jst<br></div>


PS - I'm flattered that you want my email address as an HTML element.  I'll
support any efforts to take it up with the w3c ;-)
Argh, this is really annoying. Try loading
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/content/html/document/src/nsHTMLContentSink.cpp
and you'll notice that you're redirected to http://bonsai.mozilla.org/URI, and
that's because a checkin comment contains:

  <meta http-equiv="refresh" content="X; url=URI">

Not good.
Attached patch PatchSplinter Review 
Fixes this bug and cleans up a couple other minor issues (funny word wraping
and a //-> printed at the bottom of the page).
There are a lot of other uglies in this file, but I guess we can save those for
another day :)
Assignee: tara → jake
Keywords: patch, review
Priority: -- → P1
Checked in.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
this is r1.30 we need it pulled to bonsai because it's causing bad things to happen...
Reopening since I new see this same problem again.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
endico would you please cvsupdate bonsai to catch this?
Assignee: jake → endico
Status: REOPENED → NEW
*** Bug 135872 has been marked as a duplicate of this bug. ***
yay.  sleestack updated bonsai the other night to grab this fix.  resolving.
Status: NEW → RESOLVED
Closed: 23 years ago22 years ago
Resolution: --- → FIXED
Product: Webtools → Webtools Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: