Closed
Bug 305807
Opened 19 years ago
Closed 19 years ago
Fix some incorrect template filtering types
Categories
(Bugzilla :: Bugzilla-General, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.20
People
(Reporter: bugzilla, Assigned: bugzilla)
Details
Attachments
(2 files, 1 obsolete file)
9.31 KB,
patch
|
LpSolit
:
review+
|
Details | Diff | Splinter Review |
9.44 KB,
patch
|
bugzilla
:
review+
|
Details | Diff | Splinter Review |
There are some filters in the template which are 'html' which should be 'url_quote'. This is an extension of bug#304303
Comment 1•19 years ago
|
||
The quick rule of thumb here is: FILTER url_quote should be used anywhere that you are escaping ONLY the key or the value of an individual query string parameter. FILTER html should be used anywhere that the string being escaped encompasses more than one parameter or an entire URL. html will turn a & into & url_quote will turn a & into %29. Remember the above and that & separates parameters in the query string and you'll be all set.
Comment 2•19 years ago
|
||
I thought that everything which was in an anchor <a href="foo"> should be url_quoted, i.e. [% foo FILTER url_quote %]?
Attachment #199344 -
Flags: review?
Comment 4•19 years ago
|
||
Comment on attachment 199344 [details] [diff] [review] fix some filtering types r=LpSolit by inspection. I didn't check if you missed some other incorrectly filtered directories, but those in this patch look correct. Nit: could you update your patch and include admin/classification/edit.html.tmpl as well? product.description is incorrectly filtered (it should be FILTER none). Carry forward my r+ if you decide to update your patch.
Attachment #199344 -
Flags: review? → review+
Comment 5•19 years ago
|
||
The patch doesn't apply cleanly on the 2.20 branch. Requesting approval for 2.22 only.
Status: NEW → ASSIGNED
Flags: approval?
Target Milestone: --- → Bugzilla 2.22
Comment 6•19 years ago
|
||
I'd like to see this on 2.20 if someone can backport it.
Flags: blocking2.20.1+
Target Milestone: Bugzilla 2.22 → Bugzilla 2.20
Updated•19 years ago
|
Attachment #199344 -
Flags: review+
Backport to 2.20. I added the edit classifications fix and the remove saved search fix which prompted the bug in the first place. One of the 'tip' fixes is not relevant for 2.20
Attachment #199834 -
Flags: review?
Comment 8•19 years ago
|
||
Comment on attachment 199834 [details] [diff] [review] Fix some filtering for 2.20 r=LpSolit by inspection
Attachment #199834 -
Flags: review? → review+
Updated•19 years ago
|
Flags: approval2.20?
Carrying over lpsolit r+, having added his requested change
Attachment #199344 -
Attachment is obsolete: true
Attachment #199841 -
Flags: review+
Updated•19 years ago
|
Flags: approval?
Flags: approval2.20?
Flags: approval2.20+
Flags: approval+
Comment 10•19 years ago
|
||
tip: Checking in template/en/default/admin/classifications/edit.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/classifications/edit.html.tmpl,v <-- edit.html.tmpl new revision: 1.6; previous revision: 1.5 done Checking in template/en/default/admin/groups/deleted.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/deleted.html.tmpl,v <-- deleted.html.tmpl new revision: 1.2; previous revision: 1.1 done Checking in template/en/default/admin/groups/list.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/list.html.tmpl,v <-- list.html.tmpl new revision: 1.3; previous revision: 1.2 done Checking in template/en/default/attachment/diff-header.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/attachment/diff-header.html.tmpl,v <-- diff-header.html.tmpl new revision: 1.11; previous revision: 1.10 done Checking in template/en/default/bug/summarize-time.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/summarize-time.html.tmpl,v <-- summarize-time.html.tmpl new revision: 1.2; previous revision: 1.1 done Checking in template/en/default/global/user-error.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/global/user-error.html.tmpl,v <-- user-error.html.tmpl new revision: 1.134; previous revision: 1.133 done Checking in template/en/default/list/list.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/list/list.html.tmpl,v <-- list.html.tmpl new revision: 1.40; previous revision: 1.39 done 2.20: Checking in template/en/default/account/prefs/saved-searches.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/account/prefs/saved-searches.html.tmpl,v <--saved-searches.html.tmpl new revision: 1.5.6.2; previous revision: 1.5.6.1 done Checking in template/en/default/admin/classifications/edit.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/classifications/edit.html.tmpl,v <-- edit.html.tmpl new revision: 1.3.6.1; previous revision: 1.3 done Checking in template/en/default/admin/groups/deleted.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/deleted.html.tmpl,v <-- deleted.html.tmpl new revision: 1.1.8.1; previous revision: 1.1 done Checking in template/en/default/admin/groups/list.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/admin/groups/list.html.tmpl,v <-- list.html.tmpl new revision: 1.1.8.1; previous revision: 1.1 done Checking in template/en/default/attachment/diff-header.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/attachment/diff-header.html.tmpl,v <-- diff-header.html.tmpl new revision: 1.10.2.1; previous revision: 1.10 done Checking in template/en/default/bug/summarize-time.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/summarize-time.html.tmpl,v <-- summarize-time.html.tmpl new revision: 1.1.4.1; previous revision: 1.1 done Checking in template/en/default/global/user-error.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/global/user-error.html.tmpl,v <-- user-error.html.tmpl new revision: 1.115.2.6; previous revision: 1.115.2.5 done
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•