Closed
Bug 509373
Opened 15 years ago
Closed 15 years ago
<!-- in bug summary is included in inline JavaScript without escaping
Categories
(Bugzilla :: Bugzilla-General, defect)
Bugzilla
Bugzilla-General
Tracking
()
RESOLVED
DUPLICATE
of bug 503980
People
(Reporter: hsivonen, Unassigned)
References
()
Details
Steps to reproduce:
1) Load https://bugzilla.mozilla.org/show_bug.cgi?id=509009 in Safari or in Minefield with the pref html5.enable set to true
2) Load https://bugzilla.mozilla.org/show_bug.cgi?id=503632 in Safari or in Minefield with the pref html5.enable set to true
Actual results:
Significant parts of the Bugzilla UI disappear.
Expected results:
Expected normal UI.
Additional info:
When Bugzilla includes a string containing "<!--" in an inline JavaScript block, it should escape it as "\u003C!--" to hide it from the HTML parser.
Updated•15 years ago
|
Group: bugzilla-security
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → DUPLICATE
Comment 2•15 years ago
|
||
(In reply to comment #0)
> Actual results:
> Significant parts of the Bugzilla UI disappear.
IMO, that's a bug in Firefox HTML5 parser, per bug 503632.
You need to log in
before you can comment on or make changes to this bug.
Description
•