Closed Bug 142643 Opened 22 years ago Closed 22 years ago

Doctor doesn't escape line break characters properly

Categories

(Webtools Graveyard :: Doctor, defect)

Product:
Webtools Graveyard
Component:
Doctor
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: myk, Assigned: myk)

Details

Attachments

(2 files)

patch v1: fixes problem
1.89 KB, patch
Details | Diff | Splinter Review
patch v2: corrects perl syntax issue
658 bytes, patch
Details | Diff | Splinter Review 
When transferring form data in hidden form fields from server to client, Doctor
escapes newlines as &nl; and carriage returns as &cr;.  This is necessary
because the HTML spec says clients should remove line break characters from HTML
attributes.

Doctor doesn't escape the natural occurrence of &nl; and &cr;, however, which
means that in the unlikely situation that those characters appear in a document
being edited with Doctor, those characters will get translated into line break
characters instead of retaining their original meaning.

Doctor should use "\n" for newlines and \r for carriage returns instead, then
escape the backslash character with \\.
This patch fixes the problem by re-implementing the line break mechanism to use
\r for carriage returns, \n for line feeds, and \\ for literal backslashes.
Checking in doctor.cgi;
/cvsroot/mozilla/webtools/doctor/doctor.cgi,v  <--  doctor.cgi
new revision: 1.3; previous revision: 1.2
done
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
uses $1 instead of \1
Checking in doctor.cgi;
/cvsroot/mozilla/webtools/doctor/doctor.cgi,v  <--  doctor.cgi
new revision: 1.4; previous revision: 1.3
done
QA Contact: asa → doctor
Product: Webtools → Webtools Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: