Closed
Bug 828909
Opened 11 years ago
Closed 11 years ago
Sanitize Wi-Fi hotspot username and password
Categories
(Firefox OS Graveyard :: Wifi, defect)
Firefox OS Graveyard
Wifi
Tracking
(blocking-basecamp:+, firefox18 wontfix, firefox19 wontfix, firefox20 wontfix, firefox21 fixed, b2g18 fixed)
People
(Reporter: mrbkap, Assigned: vchang)
References
Details
Attachments
(1 file, 1 obsolete file)
1.40 KB,
patch
|
mrbkap
:
review+
|
Details | Diff | Splinter Review |
See bug 825049 comment 7, which is right on the money. Vincent, is it possible to escape the quotes here or should we disallow passwords with quotes in them? Vincent, we talked about using "".replace, but I don't think that's the right way to go. You need to be careful about previously-escaped slashes and escaped slashes.
Comment 1•11 years ago
|
||
Yeah, there's probably lots of encoding issues we should worry about beyond a simple rouge ". Adding PaulJT for more info. Blocking here as we need to address in some minimal way at least.
blocking-basecamp: ? → +
Assignee | ||
Comment 2•11 years ago
|
||
Attachment #700445 -
Flags: review?(mrbkap)
Reporter | ||
Comment 3•11 years ago
|
||
Comment on attachment 700445 [details] [diff] [review] Patch v1.0 Review of attachment 700445 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/system/gonk/net_worker.js @@ +380,5 @@ > } > > +function escapeQuote(str) { > + str = str.replace(/\\/g, "\\\\"); > + return str.replace(/\"/g, "\\\""); You don't need the \ in front of the quote in the regexp.
Attachment #700445 -
Flags: review?(mrbkap) → review+
Assignee | ||
Comment 4•11 years ago
|
||
Attachment #700445 -
Attachment is obsolete: true
Attachment #700492 -
Flags: review?(mrbkap)
Reporter | ||
Updated•11 years ago
|
Attachment #700492 -
Flags: review?(mrbkap) → review+
Assignee | ||
Updated•11 years ago
|
Keywords: checkin-needed
Assignee | ||
Comment 6•11 years ago
|
||
(In reply to Johnny Stenback (:jst, jst@mozilla.com) from comment #5) > https://hg.mozilla.org/integration/mozilla-inbound/rev/2d1152cf727e Thank you, Johnny.
Updated•11 years ago
|
Keywords: checkin-needed
Comment 7•11 years ago
|
||
https://hg.mozilla.org/releases/mozilla-b2g18/rev/22aff697228d
status-b2g18:
--- → fixed
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Comment 8•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/2d1152cf727e
Comment 9•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/2d1152cf727e
Updated•11 years ago
|
status-firefox20:
--- → wontfix
status-firefox21:
--- → fixed
Target Milestone: --- → B2G C4 (2jan on)
You need to log in
before you can comment on or make changes to this bug.
Description
•