If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Reviewer comments in approval emails are not escaped properly

RESOLVED DUPLICATE of bug 348308

Status

addons.mozilla.org Graveyard
Developer Pages
RESOLVED DUPLICATE of bug 348308
13 years ago
2 years ago

People

(Reporter: Cameron, Assigned: morgamic)

Tracking

Details

(Reporter)

Description

13 years ago
I'm seeing \' where there should be just '

I have a secondary interest in this bug as I'm currently having the same problem
with a news script on my website :( I should learn some more php :S

Comment 1

13 years ago
You should be able to take care of this with a stripslashes($comments) somewhere
in http://lxr.mozilla.org/update1.0/source/developers/mail_approval.php before
sending the mail.  Or maybe don't escape it in the first place
(http://lxr.mozilla.org/update1.0/source/developers/approval.php#36) except at
http://lxr.mozilla.org/update1.0/source/developers/inc_approval.php#29.
(Reporter)

Updated

12 years ago
Summary: Apostrophes in approval emails have backslashes → Reviewer comments in approval emails are not escaped properly
(Reporter)

Comment 2

12 years ago
*** Bug 303099 has been marked as a duplicate of this bug. ***
(Reporter)

Comment 3

12 years ago
As mentioned in Bug 303099, this is also affecting > and " - which means it'll affect a bunch of other characters too I'm guessing.
(Assignee)

Updated

12 years ago
Assignee: Bugzilla-alanjstrBugs → morgamic
Severity: minor → normal
(Reporter)

Comment 4

11 years ago
AMO bugspam. Correcting QA contacts on OLD bugs (mozilla.update@update.bugs)

-> Correct QA contact (developers@add-ons.bugs)

Filtermeplzkthx
QA Contact: mozilla.update → developers
(Reporter)

Comment 5

11 years ago
Duping to a newer bug because it has a patch.

*** This bug has been marked as a duplicate of 348308 ***
Status: NEW → RESOLVED
Last Resolved: 11 years ago
Resolution: --- → DUPLICATE
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.