Closed Bug 1306908 Opened 4 years ago Closed 4 years ago

OpenGraph extension doesn't escape URLs properly

Categories: bugzilla.mozilla.org :: Extensions, defect (Production, defect, Not set, normal)
Status: RESOLVED FIXED
People: Reporter: ecfbugzilla, Assigned: dylan

Details

In the template extensions/OpenGraph/template/en/default/hook/global/header-start.html.tmpl the variable Bugzilla.cgi.self_url is being inserted without any escaping ("FILTER none" instead of "FILTER html"). This doesn't seem to cause any security issues, but there can still be unexpected effects due to ampersands not being escaped. For example, open https://bugzilla.mozilla.org/show_bug.cgi?id=200&lt,=1 and look at the <meta property="og:url" ...> tag in Inspector. You will see that the content attribute has the value https://bugzilla.mozilla.org/show_bug.cgi?id=200<%2C=1 - the browser interpreted &lt as an unclosed HTML entity and converted it into < accordingly. The expected value would have been https://bugzilla.mozilla.org/show_bug.cgi?id=200&lt%2C=1.
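The entity behaviour described in the report, reproduced as an added example; this is not code from the bug, from the OpenGraph extension or from the BMO repository. It simulates in JavaScript the part of the HTML tokenizer that decodes character references inside an attribute value (only a handful of named references, no numeric references, and the attribute-specific "legacy name followed by = or alphanumeric stays literal" rule; the table and the helper names are assumptions made for this example), next to an html escape that covers the same four characters a standard FILTER html replacement does. It shows why an unescaped self_url containing &lt%2C is read back as <%2C, why &lt=1 happens to survive, and that escaping the ampersand gives the value the reporter expected.

```javascript
// Added example (not code from the bug or from BMO): model the browser-side
// decoding of an attribute value so the og:url effect can be reproduced offline.

// Assumption: a small subset of the HTML named character reference table.
// Names without a trailing ';' are "legacy" references that the tokenizer
// still accepts unterminated, which is exactly what bites "&lt%2C" here.
const NAMED_REFS = {
  'lt;': '<', 'lt': '<',
  'gt;': '>', 'gt': '>',
  'amp;': '&', 'amp': '&',
  'quot;': '"', 'quot': '"',
  'copy;': '\u00a9', 'copy': '\u00a9',
};

// Decode character references the way an HTML tokenizer does for attribute
// values (simplified, numeric references not handled): the longest matching
// name wins, and a name matched WITHOUT a semicolon is left literal when the
// next character is '=' or an ASCII alphanumeric (historical compatibility
// rule for query strings such as "?a=1&lt=2").
function decodeAttributeValue(raw) {
  let out = '';
  let i = 0;
  while (i < raw.length) {
    if (raw[i] !== '&') { out += raw[i++]; continue; }
    let best = null;
    for (const name of Object.keys(NAMED_REFS)) {
      if (raw.startsWith(name, i + 1) && (best === null || name.length > best.length)) {
        best = name;
      }
    }
    if (best === null) { out += '&'; i++; continue; }   // not a known reference
    const next = raw[i + 1 + best.length];
    if (!best.endsWith(';') && next !== undefined && /[=A-Za-z0-9]/.test(next)) {
      out += '&';                                        // "&lt=1" stays as typed
      i++;
      continue;
    }
    out += NAMED_REFS[best];                             // "&lt%2C" becomes "<%2C"
    i += 1 + best.length;
  }
  return out;
}

// The escape that FILTER html applies to text dropped into markup: the four
// characters that can start an entity or terminate a quoted attribute.
function escapeHtml(s) {
  return s.replace(/&/g, '&amp;')
          .replace(/</g, '&lt;')
          .replace(/>/g, '&gt;')
          .replace(/"/g, '&quot;');
}

// Build the og:url meta tag from a self_url value and return what the browser
// ends up holding in the content attribute. escape=false models FILTER none,
// escape=true models FILTER html.
function ogUrlAsSeenByBrowser(selfUrl, escape) {
  const attr = escape ? escapeHtml(selfUrl) : selfUrl;
  const tag = `<meta property="og:url" content="${attr}">`;
  const m = /content="([^"]*)"/.exec(tag);
  return decodeAttributeValue(m[1]);
}

// Constructed input: the URL from the report after self_url has percent-encoded the comma.
const SELF_URL = 'https://bugzilla.mozilla.org/show_bug.cgi?id=200&lt%2C=1';
console.log('FILTER none :', ogUrlAsSeenByBrowser(SELF_URL, false));
console.log('FILTER html :', ogUrlAsSeenByBrowser(SELF_URL, true));
```

The interesting edge case is that the same URL typed as &lt=1 would have looked fine in Inspector, because the tokenizer's attribute rule keeps a legacy name literal when = follows it; the percent-encoded comma removed that protection, which is why relying on the quirk instead of escaping is not a fix.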
Assignee: nobody → dylan
To git@github.com:mozilla-bteam/bmo.git
   4be7f51..81aad4a  master -> master
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Component: Extensions: Other → Extensions