Closed Bug 234419 Opened 21 years ago Closed 21 years ago

quoteUrls quotes word "bug" in title="" attribute inserted by itself

Categories

(Bugzilla :: Attachments & Requests, defect)

Product:
Bugzilla
Component:
Attachments & Requests
Version:
2.17.6
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 232861

People

(Reporter: gerv, Assigned: bbaetz)

Details

Attachments

(1 file)

Problem bug 12345 Problem
2.59 KB, text/plain
Details
If you put the text "bug 123" in the title of an attachment, quoteUrls autolinkifies the attachment text with a title= containing the attachment title, but then also autolinkifies the "bug" word inside that title=. This manifests itself as broken HTML in the comments. It is best demonstrated with an example. See next comment. This issue is not, as far as I can tell, exploitable for cross-site scripting. Gerv
The above attachment link should fail to autolinkify correctly. Gerv
Indeed it does. There is a comment in the quoteUrls source (globals.pl:878) which says: # In particular, attachment matches go before bug titles, so that titles # with 'attachment 1 [details] [diff] [review]' don't double match. This seems to be the converse of that problem. Gerv
*** This bug has been marked as a duplicate of 232861 ***
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: