Bug 314659: Provide more information for the Atom summary
Status: RESOLVED FIXED (opened 19 years ago, closed 18 years ago)
Categories: Bugzilla :: Query/Bug List, enhancement
Target Milestone: Bugzilla 3.2
People: Reporter: LpSolit, Assigned: LpSolit
References: Blocks 1 open bug
Attachments (1 file, 2 obsolete files): patch, 3.83 KB, bugzilla-mozilla: review+
The reporter should be in the summary itself, as well as the resolution of the bug (actually, only its status is given) and its description (aka comment 0).
Comment 1 (Assignee) • 19 years ago
Attachment #201561 -
Flags: review?(bugreport)
Updated (Assignee) • 19 years ago
Attachment #201561 -
Flags: review?(myk)
Updated • 19 years ago
Attachment #201561 -
Flags: review?(bugreport) → review+
Updated (Assignee) • 19 years ago
Attachment #201561 -
Flags: review?(myk)
Updated (Assignee) • 19 years ago
Status: NEW → ASSIGNED
Flags: approval?
Updated • 19 years ago
Flags: approval? → approval+
Updated • 19 years ago
Flags: approval+ → approval?
Comment 4 (Assignee) • 19 years ago
I don't have time to play with it before 3.0
Assignee: LpSolit → query-and-buglist
Status: ASSIGNED → NEW
Target Milestone: Bugzilla 3.0 → ---
Comment 5 (Assignee) • 18 years ago
Compared to the initial patch, I dropped the initial comment. We can add it separately if we want to.
Assignee: query-and-buglist → LpSolit
Attachment #201561 -
Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #251569 -
Flags: review?(bugzilla-mozilla)
Updated (Assignee) • 18 years ago
Summary: Give more information in the RSS summary → Provide more information for the Atom summary
Comment 6 • 18 years ago
Comment on attachment 251569 (patch, v2)
>Index: template/en/default/list/list.atom.tmpl
>+ </tr><tr class="bz_feed_assignee">
> <td>[% columns.assigned_to_realname.title FILTER none %]</td>
> <td>[% bug.assigned_to_realname FILTER none %]</td>
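Review bot: bug.assigned_to_realname on the last quoted line is written into the <td> with FILTER none, so any markup in the assignee's real name becomes markup in the feed entry instead of text. Use FILTER html on that value; the columns.assigned_to_realname.title cell on the line above is also FILTER none and is worth filtering the same way so the row is handled consistently.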
I do not understand why this is FILTER none. If I change my realname to 'Olav <b>Vitters</b>' Firefox shows Vitters as bold within the Atom field, just as I would expect. I did see the FILTER xml, but that is just some Atom-specific thing (because the HTML has to be escaped). Bug.assigned_to_realname should still be escaped, otherwise Atom clients which interpret the <td> will look at a <b> (etc.) within a realname as well. Same for the other fields.
Attachment #251569 -
Flags: review?(bugzilla-mozilla) → review-
Comment 7 (Assignee) • 18 years ago
FILTER none -> FILTER html in the <summary> section as it uses type="html" and all HTML tags MUST be filtered, per the Atom specs: http://www.ietf.org/rfc/rfc4287
Attachment #251569 -
Attachment is obsolete: true
Attachment #252207 -
Flags: review?(bugzilla-mozilla)
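The two escaping layers discussed in comments 6 and 7, as an added example that is not part of the bug report or of Bugzilla's code: a type="html" summary is XML-escaped once for transport, and each field inside it still needs its own HTML escaping. The table layout, function names and feed entry are constructed assumptions; html.escape stands in for FILTER html and XML escaping for FILTER xml.

```python
import html
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from xml.sax.saxutils import escape as xml_escape

ATOM_NS = "http://www.w3.org/2005/Atom"
SAMPLE_REALNAME = "Olav <b>Vitters</b>"  # the real name used in comment 6


def build_entry(realname, filter_html):
    """Render a constructed Atom entry with a type="html" summary.

    filter_html=False models FILTER none on the field, True models FILTER html.
    """
    value = html.escape(realname) if filter_html else realname
    # Assumed layout: one table row per field, as in the quoted hunk.
    fragment = ('<table><tr class="bz_feed_assignee">'
                "<td>Assignee</td><td>%s</td></tr></table>" % value)
    # The whole fragment is XML-escaped once so it travels as text (FILTER xml).
    return ('<entry xmlns="%s"><title>constructed bug</title>'
            '<summary type="html">%s</summary></entry>'
            % (ATOM_NS, xml_escape(fragment)))


class TagCollector(HTMLParser):
    """Records which elements and which text an HTML renderer would see."""

    def __init__(self):
        super().__init__()
        self.tags, self.text = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

    def handle_data(self, data):
        self.text.append(data)


def client_view(entry_xml):
    """Do what a feed reader does: undo the XML layer, then parse as HTML."""
    summary = ET.fromstring(entry_xml).find("{%s}summary" % ATOM_NS)
    collector = TagCollector()
    collector.feed(summary.text)
    collector.close()
    return collector.tags, "".join(collector.text)


if __name__ == "__main__":
    for label, flag in (("FILTER none", False), ("FILTER html", True)):
        print(label, client_view(build_entry(SAMPLE_REALNAME, flag)))
```

With FILTER none the client sees an extra b element that came from the real name; with FILTER html the element list contains only the template's own tags and the name arrives as literal text.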
Updated • 18 years ago
Attachment #252207 -
Flags: review?(bugzilla-mozilla) → review+
Updated • 18 years ago
Flags: approval?
Target Milestone: --- → Bugzilla 3.0
Comment 8 • 18 years ago
Comment on attachment 252207 (patch, v3)
By the way, why didn't you just change it to serve up columns based on the columnlist parameter? This is what clients keep asking me for, personally.
Comment 9 (Assignee) • 18 years ago
Phil, it appears that the data in <summary> is currently incorrectly escaped, see my patch. Is there actually any *security* risk? If yes, then we will have to backport the filtering part of my patch on all branches.
Group: webtools-security
Comment 10 • 18 years ago
I'm fairly sure that this is a security bug for the same reason that bug 313441 was.
Depends on: 313441
Updated (Assignee) • 18 years ago
Target Milestone: Bugzilla 3.0 → Bugzilla 3.2
Comment 11 (Assignee) • 18 years ago
Note that I couldn't exploit this issue with the Sage extension of Firefox. It seems to sanitize the fields for me (at least when the field contains <script>, </tr>, </td>, ...).
Comment 12 • 18 years ago
Sigh. Yes, it's security and needs to be backported, because an untrusted person could assign himself to a bug you'll see, with a script-injecting realname. Sorry, I'm too used to systems that would refuse or strip that realname on input, rather than escape it on output.
Comment 13 • 18 years ago
Since I don't see it mentioned here, the security portion of this bug was spun off as bug 367674.
Comment 14 • 18 years ago
Security advisory posted for bug 367674, so unlocking this bug.
Group: webtools-security
Updated (Assignee) • 18 years ago
Flags: approval? → approval+
Comment 15 (Assignee) • 18 years ago
Checking in buglist.cgi;
/cvsroot/mozilla/webtools/bugzilla/buglist.cgi,v <-- buglist.cgi
new revision: 1.352; previous revision: 1.351
done
Checking in template/en/default/list/list.atom.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/list/list.atom.tmpl,v <-- list.atom.tmpl
new revision: 1.3; previous revision: 1.2
done
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Comment 17 • 17 years ago
Added to the release notes for Bugzilla 3.2 in a patch on bug 432331.
Keywords: relnote