Closed
Bug 142643
Opened 22 years ago
Closed 22 years ago
Doctor doesn't escape line break characters properly
Categories
(Webtools Graveyard :: Doctor, defect)
Webtools Graveyard
Doctor
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: myk, Assigned: myk)
Details
Attachments
(2 files)
1.89 KB,
patch
|
Details | Diff | Splinter Review | |
658 bytes,
patch
|
Details | Diff | Splinter Review |
When transferring form data in hidden form fields from server to client, Doctor escapes newlines as &nl; and carriage returns as &cr;. This is necessary because the HTML spec says clients should remove line break characters from HTML attributes. Doctor doesn't escape the natural occurrence of &nl; and &cr;, however, which means that in the unlikely situation that those characters appear in a document being edited with Doctor, those characters will get translated into line break characters instead of retaining their original meaning. Doctor should use "\n" for newlines and \r for carriage returns instead, then escape the backslash character with \\.
Assignee | ||
Comment 1•22 years ago
|
||
This patch fixes the problem by re-implementing the line break mechanism to use \r for carriage returns, \n for line feeds, and \\ for literal backslashes.
Assignee | ||
Comment 2•22 years ago
|
||
Checking in doctor.cgi; /cvsroot/mozilla/webtools/doctor/doctor.cgi,v <-- doctor.cgi new revision: 1.3; previous revision: 1.2 done
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 3•22 years ago
|
||
uses $1 instead of \1
Assignee | ||
Comment 4•22 years ago
|
||
Checking in doctor.cgi; /cvsroot/mozilla/webtools/doctor/doctor.cgi,v <-- doctor.cgi new revision: 1.4; previous revision: 1.3 done
Updated•18 years ago
|
QA Contact: asa → doctor
Updated•8 years ago
|
Product: Webtools → Webtools Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•