Closed
Bug 859188
Opened 11 years ago
Closed 11 years ago
Characters such as & and + are not correctly encoded in URLs used in report tables
Categories
(Bugzilla :: Reporting/Charting, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 4.2
People
(Reporter: ewong, Assigned: LpSolit)
References
Details
(Keywords: regression, Whiteboard: [fixed by blocker])
Attachments
(3 obsolete files)
Under the SeaMonkey product, this report can be generated: https://bugzilla.mozilla.org/report.cgi?query_format=report-table&format=table&action=wrap&x_axis_field=bug_status&y_axis_field=component&product=SeaMonkey&resolution=--- As shown, under Startup/Profiles, there are 40 New bugs (as of this bug filing), but when you click on the 40, it shows Zarro Bugs. There should be a list of bugs which belongs to that component.
Reporter | ||
Updated•11 years ago
|
Summary: No bugs found when clicking on report component status. → No bugs found when clicking on NEW bugs for StartUp & Profiles in report component status.
Assignee: nobody → charting
Component: General → Reporting/Charting
Product: bugzilla.mozilla.org → Bugzilla
QA Contact: default-qa
Summary: No bugs found when clicking on NEW bugs for StartUp & Profiles in report component status. → URLs are not encoded on report tables (no bugs found when clicking on a report with spaces in the component)
Version: Production → 4.2.5
Assignee | ||
Updated•11 years ago
|
Depends on: 142394
Keywords: regression
OS: Windows Vista → All
Hardware: x86 → All
Target Milestone: --- → Bugzilla 4.2
Assignee | ||
Comment 2•11 years ago
|
||
Comment on attachment 734489 [details] [diff] [review] patch v1 Why don't you use |FILTER uri| instead of encodeURIComponent()?
Assignee | ||
Comment 3•11 years ago
|
||
Comment on attachment 734489 [details] [diff] [review] patch v1 See my previous comment. Use FILTER uri instead, for consistency.
Attachment #734489 -
Flags: review?(LpSolit) → review-
Assignee | ||
Comment 4•11 years ago
|
||
Bugzilla 4.2 is now restricted to security fixes only.
Target Milestone: Bugzilla 4.2 → Bugzilla 4.4
Attachment #734489 -
Attachment is obsolete: true
Attachment #760930 -
Flags: review?(LpSolit)
need to FILTER js as well.
Attachment #760930 -
Attachment is obsolete: true
Attachment #760930 -
Flags: review?(LpSolit)
Attachment #761298 -
Flags: review?(LpSolit)
Assignee | ||
Comment 8•11 years ago
|
||
Actually, whitespaces are not the problem. The problem is for characters such as & and + which are interpreted differently by the web browser.
Summary: URLs are not encoded on report tables (no bugs found when clicking on a report with spaces in the component) → Characters such as & and + are not correctly encoded in URLs used in report tables
Assignee | ||
Comment 9•11 years ago
|
||
Comment on attachment 761298 [details] [diff] [review] patch v3 >+ [% IF row_vals %] >+ + '&[% row_values FILTER uri FILTER js %]' >+ [% END %] s/row_values/row_vals/. Moreover, row_values and col_vals are already escaped, so you must not call FILTER uri again. About FILTER js, you would have to check. I applied your patch, and it doesn't work.
Attachment #761298 -
Flags: review?(LpSolit) → review-
Assignee | ||
Comment 10•11 years ago
|
||
It will be fixed as a side-effect of bug 924932.
Assignee: glob → LpSolit
Depends on: CVE-2013-1743
Whiteboard: [fixed by blocker]
Target Milestone: Bugzilla 4.4 → Bugzilla 4.2
Assignee | ||
Updated•11 years ago
|
Attachment #761298 -
Attachment is obsolete: true
Assignee | ||
Updated•11 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•