editkeywords.cgi and describekeywords.cgi treat description differently as regards HTML

RESOLVED FIXED in Bugzilla 2.18

Status

()

RESOLVED FIXED
13 years ago
12 years ago

People

(Reporter: pjdemarco, Assigned: LpSolit)

Tracking

2.21
Bugzilla 2.18

Details

(Whiteboard: [blocker will fix])

(Reporter)

Description

13 years ago
when I put something like:
special site <a href="http://www.google.com">google</a>

as a description, and display editkeywords.cgi I see the raw HTML.
But when I look at describekeywords.cgi I see a link.

Comment 1

12 years ago
Hrm. What's our intention here? To never HTML-filter it, or to always HTML-filter it? If we don't filter it, that means that we trust anybody with "editkeywords" to not do any scripting there.
Severity: minor → normal
Summary: editkeywords.cgi does not HTMLify descriptions → editkeywords.cgi and describekeywords.cgi treat description differently as regards HTML
Whiteboard: [Good Intro Bug]
(Assignee)

Updated

12 years ago
Depends on: 206037
Whiteboard: [Good Intro Bug] → [blocker will fix]
Target Milestone: Bugzilla 3.0 → Bugzilla 2.18
(Assignee)

Comment 2

12 years ago
I have fixed this bug as part of bug 206037. Reassigning to me.
Assignee: general → LpSolit
(Assignee)

Updated

12 years ago
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.