src parameter should trickle down on display page

VERIFIED FIXED in 5.2

Status

addons.mozilla.org Graveyard
Public Pages
VERIFIED FIXED
9 years ago
2 years ago

People

(Reporter: fligtar, Assigned: rdoherty)

Tracking

Details

Attachments

(1 attachment, 1 obsolete attachment)

v2
1.93 KB, patch
clouserw
: review+
Details | Diff | Splinter Review
(Reporter)

Description

9 years ago
If there is a src= parameter in an add-on display page's url, e.g. addons.mozilla.org/addon/2848?src=hi, that parameter should trickle down to the install links and replace the addondetail src parameter.
(Assignee)

Updated

9 years ago
Depends on: 507214
Target Milestone: 5.2 → 5.3
(Reporter)

Comment 1

9 years ago
This is needed for the download source tracking in 5.2.
Target Milestone: 5.3 → 5.2
(Assignee)

Comment 2

9 years ago
(In reply to comment #1)
> This is needed for the download source tracking in 5.2.

Next time if there's a bug that's necessary for 5.2 let's make it a P1.
(Assignee)

Comment 3

9 years ago
(In reply to comment #2)
> Next time if there's a bug that's necessary for 5.2 let's make it a P1.
s/5.2/a release
(Assignee)

Comment 4

9 years ago
Created attachment 406131 [details] [diff] [review]
v1

This depends on the patch in bug 519635
Attachment #406131 - Flags: review?(clouserw)
Comment on attachment 406131 [details] [diff] [review]
v1

set() does no escaping and you deleted the whitelist so this is an injection hole
Attachment #406131 - Flags: review?(clouserw) → review-
(Assignee)

Comment 6

9 years ago
Created attachment 406145 [details] [diff] [review]
v2

publish() used now.
Attachment #406131 - Attachment is obsolete: true
Attachment #406145 - Flags: review?(clouserw)
Attachment #406145 - Flags: review?(clouserw) → review+
(Assignee)

Comment 7

9 years ago
r53381
Status: NEW → RESOLVED
Last Resolved: 9 years ago
Keywords: push-needed
Resolution: --- → FIXED
Can someone give me a quick preview URL on which I can verify this?  Thanks!
Ryan: awesome, thanks!  (Helps to write out Litmus testcases, too.)

Verified FIXED, following the steps in comment 9.
Status: RESOLVED → VERIFIED
Keywords: push-needed
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in before you can comment on or make changes to this bug.