Closed
Bug 1268510
Opened 8 years ago
Closed 8 years ago
links in templates that should not be clickable are normal links in kb articles using the template
Categories
(support.mozilla.org :: Knowledge Base Software, task)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 939210
People
(Reporter: dontarius, Unassigned)
References
()
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 Build ID: 2016031600 Steps to reproduce: The page: https://support.mozilla.org/en-US/kb/install-flash-plugin-view-videos-animations-games contains a link to: http://libflashplayer[CAREFUL!].so/ When I clicked on this link previously, it attempted to install malware. Actual results: malware Expected results: no malware
Severity: normal → critical
OS: Unspecified → All
Hardware: Unspecified → All
P.S.: This is particularly troublesome since unsuspecting users may assume that the site contains the file needed in order to get flash player to work.
Comment 2•8 years ago
|
||
The part of the article linking to this website is a template: https://support.mozilla.org/en-US/kb/templateupdateflash. The link should not be clickable and it should not be a link, but a filename. Links that are not clickable in templates (e.g. mozilla<!---->.org) seem to be links in kb articles where the template is used. Mike, do you think, there's an easy fix for that or should we add a space instead of the <!----> for the moment, to prevent it getting a malware link?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(mcooper)
Summary: support.mozilla.org contains link to site installing malware → links in templates that should not be clickable are normal links in kb articles using the template
Updated•8 years ago
|
OS: All → Linux
Updated•8 years ago
|
Component: Knowledge Base Content → Knowledge Base Software
Comment 3•8 years ago
|
||
This looks to be a duplicate of Bug 939210 - You can't unlinkify something in a template
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → DUPLICATE
Comment 4•8 years ago
|
||
I don't work on Kitsune anymore.
Flags: needinfo?(mcooper) → needinfo?(giorgos)
Comment 5•8 years ago
|
||
Giorgos: This is probably an issue in how templates are included, which happens in wiki/parser.py [0]. I think the document has been edited, so I can't see what was causing this. I'd imagine that the parser is parsing templates twice, so comments get stripped out and things that weren't links in the template become links in the rendered version. [0]: https://github.com/mozilla/kitsune/blob/7ad041a900f16e8149b32957e45f295140636a7a/kitsune/wiki/parser.py#L402-L439
Comment 6•8 years ago
|
||
Thanks for the info Mike. (In reply to Tim [:pollti] from comment #2) > Mike, do you think, there's an easy fix for that or should we add a space > instead of the <!----> for the moment, to prevent it getting a malware link? Given the current team status I suggest that we add a space and fix this properly in the future. Please update here when you add the space and leave this bug open to track the fix Thanks!
Flags: needinfo?(giorgos)
Comment 7•8 years ago
|
||
Per bug 939210 comment 9, <b></b> was included by Tim for the template involved, which appears to work. I suggest using that (or probably other markup such as <s></s>, but consistency would be nice) instead of spaces.
You need to log in
before you can comment on or make changes to this bug.
Description
•