Closed Bug 492086 Opened 15 years ago Closed 15 years ago

JavaScript errors when entering chat with a question with a quotation mark.

Categories

(support.mozilla.org Graveyard :: Chat, defect)

Product:
support.mozilla.org Graveyard
Component:
Chat
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: picaune, Assigned: zzxc)

Details

Attachments

(1 file)

Fix the bug
2.25 KB, patch
ozten
: review+
Details | Diff | Splinter Review 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2a1pre; .NET CLR 3.5; ffco7) Gecko/20090508 Minefield/3.6a1pre
Build Identifier: 

When I try to use Live Chat on SUMO and type something into the question field that includes a quotation mark ('), then when the main chat window loads my chats aren't sent to the helper, the helper's chats aren't sent to me, and the helper's name does not appear.

Looking at the error console shows what it believes is a line not terminated by a semicolon. Instead it's an unmatched ' mark which mangles the JavaScript after it. The console also shows functions as undefined; these functions are hidden in the screwy strings.

The error appears to be caused by improper escaping of the question field when JSP injects the transcript URL (for me to visit after the chat finishes) in chatmain.jsp in the JavaScript showTranscriptWindow function.

I checked upstream (http://www.igniterealtime.org/fisheye/browse/svn-org/fastpath/webchat/trunk/src/webapp/chatmain.jsp?r=10729) and it doesn't look like the bug is there, but in SUMO-specific customizations, somewhere around line #224.

Reproducible: Always

Steps to Reproduce:
1. Go to http://support.mozilla.com/en-US/kb/Live+Chat?new_chat while chat is open.
2. Click Foxkeh.
3. Enter information into the fields, using a ' mark in the Question field.
4. Wait in the queue.
Some time later, a chat window appears.
Actual Results:  
The chat window that appears is blank and nonfunctional. Although you can read what you type, you can't see what the helper types and the helper can't see what you type.

Expected Results:  
The chat window that appears should be fully functional, listing a helper's name at the top and allowing chats back-and-forth.
Thanks for catching this!  This is likely the source of a lot of user disconnections.  The version of this code used on SUMO is at http://viewvc.svn.mozilla.org/vc/projects/livechat/trunk/webchat/src/webapp/chatmain.jsp?annotate=20820#l240

Adding support for CSAT surveys added extra variables to this url, but the url itself is enclosed with '' instead of "".  This results in the javascript error you found, since single quotes aren't url encoded.  Changing to double quotes here (and at http://viewvc.svn.mozilla.org/vc/projects/livechat/trunk/webchat/src/webapp/transcriptmain.jsp?view=annotate#l172) should fix this.
Assignee: nobody → bugs
Severity: normal → major
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Target Milestone: --- → 1.1
Attached patch Fix the bugSplinter Review 

        Attachment #376566 -
        Flags: review?

    
  

        Attachment #376566 -
        Flags: review? → review?(ozten.bugs)

    
  

        Attachment #376566 -
        Flags: review?(ozten.bugs) → review+

    
    

    
  
Comment on attachment 376566 [details] [diff] [review]
Fix the bug

Patch looks good. I didn't not test.

    
    

    
  
Fixed r25608
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Product: support.mozilla.org → support.mozilla.org Graveyard

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: