Closed Bug 1850131 Opened 1 year ago Closed 1 year ago

We should escape the URLs we swap into the fakespot analyze URI

Tracking

()

Status:

RESOLVED FIXED

People

(Reporter: Gijs, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [fidefe-shopping])

:Gijs (out for now; he/him)

Reporter

Description

•

1 year ago

Should have spotted this in https://hg.mozilla.org/integration/autoland/rev/d19300867c28782387e580be2a4346a6bb12ffe4 - but if the inner URI contains something like &url=foo then we end up asking for https://fakespot.com/analyze?url=...&url=... and I don't know what that does to the server.

We should test this carefully with all supported retailers because I'm not sure how the server is going to cope with escaping.

Jira Integration Bot

Updated

•

1 year ago

See Also: → https://mozilla-hub.atlassian.net/browse/FIDEFE-4096

Jared Hirsch [:jhirsch] (he/him) (Needinfo please)

Updated

•

1 year ago

Severity: -- → S3

Priority: -- → P2

Jared Hirsch [:jhirsch] (he/him) (Needinfo please)

Comment 1

•

1 year ago

This was closed by the patch that closed bug 1843142

Status: NEW → RESOLVED

Closed: 1 year ago

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

We should escape the URLs we swap into the fakespot analyze URI

Categories

(Firefox :: Shopping, defect, P2)

Tracking

()

People

(Reporter: Gijs, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [fidefe-shopping])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Comment 1