Closed Bug 305807 Opened 20 years ago Closed 20 years ago

Fix some incorrect template filtering types

Categories

(Bugzilla :: Bugzilla-General, defect)

Product:
Bugzilla
Component:
Bugzilla-General
Version:
2.21
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
Bugzilla 2.20

People

(Reporter: bugzilla, Assigned: bugzilla)

Details

Attachments

(2 files, 1 obsolete file)

Fix some filtering for 2.20
9.31 KB, patch
LpSolit
: review+
Details | Diff | Splinter Review
fix some filtering types v2 (tip)
9.44 KB, patch
bugzilla
: review+
Details | Diff | Splinter Review
There are some filters in the template which are 'html' which should be 'url_quote'. This is an extension of bug#304303
The quick rule of thumb here is: FILTER url_quote should be used anywhere that you are escaping ONLY the key or the value of an individual query string parameter. FILTER html should be used anywhere that the string being escaped encompasses more than one parameter or an entire URL. html will turn a & into & url_quote will turn a & into %29. Remember the above and that & separates parameters in the query string and you'll be all set.
I thought that everything which was in an anchor <a href="foo"> should be url_quoted, i.e. [% foo FILTER url_quote %]?
Attached patch fix some filtering types (obsolete) — Splinter Review
Attachment #199344 - Flags: review?
Comment on attachment 199344 [details] [diff] [review] fix some filtering types r=LpSolit by inspection. I didn't check if you missed some other incorrectly filtered directories, but those in this patch look correct. Nit: could you update your patch and include admin/classification/edit.html.tmpl as well? product.description is incorrectly filtered (it should be FILTER none). Carry forward my r+ if you decide to update your patch.
Attachment #199344 - Flags: review? → review+
The patch doesn't apply cleanly on the 2.20 branch. Requesting approval for 2.22 only.
Status: NEW → ASSIGNED
Flags: approval?
Target Milestone: --- → Bugzilla 2.22
I'd like to see this on 2.20 if someone can backport it.
Flags: blocking2.20.1+
Target Milestone: Bugzilla 2.22 → Bugzilla 2.20
Attachment #199344 - Flags: review+
Backport to 2.20. I added the edit classifications fix and the remove saved search fix which prompted the bug in the first place. One of the 'tip' fixes is not relevant for 2.20
Attachment #199834 - Flags: review?
Comment on attachment 199834 [details] [diff] [review] Fix some filtering for 2.20 r=LpSolit by inspection
Attachment #199834 - Flags: review? → review+
Flags: approval2.20?
Carrying over lpsolit r+, having added his requested change
Attachment #199344 - Attachment is obsolete: true
Attachment #199841 - Flags: review+
Flags: approval?
Flags: approval2.20?
Flags: approval2.20+
Flags: approval+
tip: Checking in template/en/default/admin/classifications/edit.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/classifications/edit.html.tmpl,v <-- edit.html.tmpl new revision: 1.6; previous revision: 1.5 done Checking in template/en/default/admin/groups/deleted.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/deleted.html.tmpl,v <-- deleted.html.tmpl new revision: 1.2; previous revision: 1.1 done Checking in template/en/default/admin/groups/list.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/list.html.tmpl,v <-- list.html.tmpl new revision: 1.3; previous revision: 1.2 done Checking in template/en/default/attachment/diff-header.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/attachment/diff-header.html.tmpl,v <-- diff-header.html.tmpl new revision: 1.11; previous revision: 1.10 done Checking in template/en/default/bug/summarize-time.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/summarize-time.html.tmpl,v <-- summarize-time.html.tmpl new revision: 1.2; previous revision: 1.1 done Checking in template/en/default/global/user-error.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/global/user-error.html.tmpl,v <-- user-error.html.tmpl new revision: 1.134; previous revision: 1.133 done Checking in template/en/default/list/list.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/list/list.html.tmpl,v <-- list.html.tmpl new revision: 1.40; previous revision: 1.39 done 2.20: Checking in template/en/default/account/prefs/saved-searches.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/account/prefs/saved-searches.html.tmpl,v <--saved-searches.html.tmpl new revision: 1.5.6.2; previous revision: 1.5.6.1 done Checking in template/en/default/admin/classifications/edit.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/classifications/edit.html.tmpl,v <-- edit.html.tmpl new revision: 1.3.6.1; previous revision: 1.3 done Checking in template/en/default/admin/groups/deleted.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/deleted.html.tmpl,v <-- deleted.html.tmpl new revision: 1.1.8.1; previous revision: 1.1 done Checking in template/en/default/admin/groups/list.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/list.html.tmpl,v <-- list.html.tmpl new revision: 1.1.8.1; previous revision: 1.1 done Checking in template/en/default/attachment/diff-header.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/attachment/diff-header.html.tmpl,v <-- diff-header.html.tmpl new revision: 1.10.2.1; previous revision: 1.10 done Checking in template/en/default/bug/summarize-time.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/summarize-time.html.tmpl,v <-- summarize-time.html.tmpl new revision: 1.1.4.1; previous revision: 1.1 done Checking in template/en/default/global/user-error.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/global/user-error.html.tmpl,v <-- user-error.html.tmpl new revision: 1.115.2.6; previous revision: 1.115.2.5 done
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: