Closed Bug 304303 Opened 19 years ago Closed 19 years ago

Forget Search link in prefs does not escape the name

Categories

(Bugzilla :: Query/Bug List, defect)

Product:
Bugzilla
Component:
Query/Bug List
Version:
2.21
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 2.22

People

(Reporter: bugzilla-mozilla-20000923, Assigned: bugzilla)

Details

Attachments

(1 file)

correct the filtering in saved searches
866 bytes, patch
LpSolit
: review+
Details | Diff | Splinter Review 
I found this entirely by accident. I have some searches called "approval1.8b3+" 
and "approval1.8b4+", which I no longer wanted. So I went to prefs, and hit the 
forget link. Two problems occured (one depends on the other):

1. The link points to:
    buglist.cgi?cmdtype=dorem&remaction=forget&namedcmd=approval1.8b3+
   with the + literally. This is wrong.
2. The page that loaded said it had forgotten the search "approval1.8b3". It 
had lost the +, since it was sent as a space.

Obviously, the fix is to actually esacpe the names. I also think it is pretty 
silly to claim you'd forgotten a search that did not exist!

I have checked this occurs on my own trunk Bugzilla install, and it does.
We used html filtering when we should be url_quote filtering, I think.
Assignee: query-and-buglist → bugzilla
Status: NEW → ASSIGNED
Attachment #192982 - Flags: review?(LpSolit)
nice catch...   try this....
grep -rn "FILTER html *%]\">.*/a" template
I think there are a bunch of places where this has happened.

(In reply to comment #2)
> nice catch...   try this....
> grep -rn "FILTER html *%]\">.*/a" template
> I think there are a bunch of places where this has happened.
> 

ooh yuck. yes. I'll sort them all out as well then (and try for a test to catch them)


Comment on attachment 192982 [details] [diff] [review]
correct the filtering in saved searches

r=LpSolit

Bonus point to fix all occurences within the Bugzilla code, as per comment 2.

GavinS, I will let you request approval if you want to fix them in a separate
bug, else please update your patch and update the summary of this bug
accordingly.
Attachment #192982 - Flags: review?(LpSolit) → review+
Target Milestone: --- → Bugzilla 2.20
I'll do the others seperately.
Flags: approval?
(In reply to comment #5)
> I'll do the others seperately.

In bug#305807
Flags: approval? → approval+
Checking in template/en/default/account/prefs/saved-searches.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/account/prefs/saved-searches.html.tmpl,v
 <--saved-searches.html.tmpl
new revision: 1.8; previous revision: 1.7
done
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Target Milestone: Bugzilla 2.20 → Bugzilla 2.22
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: