Closed
Bug 290703
Opened 20 years ago
Closed 20 years ago
Mozilla Update Search butchers special characters
Categories
(addons.mozilla.org Graveyard :: Public Pages, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
1.0
People
(Reporter: gidsgoldberg, Assigned: ted)
References
()
Details
Attachments
(1 file)
|
755 bytes,
patch
|
morgamic
:
first-review+
|
Details | Diff | Splinter Review |
Mozilla Update Search makes a mess of listings containing special characters such as quote marks and ampersands. In the case of ampersands instead of & the server sends &. In the case of quotation marks instead of " the server sends "
|
Assignee | |
Comment 1•20 years ago
|
||
Trivial to fix. Just remove htmlspecialchars from: http://lxr.mozilla.org/mozilla/source/webtools/update/quicksearch.php#179 Also maybe http://lxr.mozilla.org/mozilla/source/webtools/update/quicksearch.php#175 if extension names are already encoded in the DB.
|
|
Assignee | |
Comment 2•20 years ago
|
||
inc_global.php escapes all GET/POST vars by default. Everything in the DB is escaped already.
|
|
Assignee | |
Updated•20 years ago
|
Attachment #181096 -
Flags: first-review?(mike.morgan)
|
||
Comment 3•20 years ago
|
||
Comment on attachment 181096 [details] [diff] [review] Drop htmlspecialchars from name/description An assumption either way is just that; but I'd rather see a & than & (&) popping up in prod. I tested this on staging and without htmlspecialchars I did not get any validation errors.
Attachment #181096 -
Flags: first-review?(mike.morgan) → first-review+
|
|
||
Comment 4•20 years ago
|
||
Fix will be pushed in next update.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
|
||
Updated•9 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•