Patch from Jake <jake@acutex.net> for bugs 22041 and 25693 which had the same…

Patch from Jake <jake@acutex.net> for bugs 22041 and 25693 which had the same problem. HTML meta characters in the summary were not being quoted before being printed to html.

Patch from Jake <jake@acutex.net> for bugs 22041 and 25693 which had the same…
84298cd1 · endico%mozilla.org · e9876098 · 84298cd1 · 84298cd1
Commit 84298cd1 authored Mar 09, 2001 by endico%mozilla.org
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

duplicates.cgi duplicates.cgi +1 -0

show_bug.cgi show_bug.cgi +1 -0

No files found.
--- a/duplicates.cgi
+++ b/duplicates.cgi
@@ -142,6 +142,7 @@ foreach (@sortedcount)
 	SendSQL("SELECT component, bug_severity, op_sys, target_milestone, short_desc FROM " . 
 												   "bugs WHERE bug_id = $id");
 	my ($component, $severity, $op_sys, $milestone, $summary) = FetchSQLData();
+        $summary = html_quote($summary);
 	print "<tr>";
 	print '<td><center><A HREF="show_bug.cgi?id=' . $id . '">';
 	print $id . "</A></center></td>";

--- a/show_bug.cgi
+++ b/show_bug.cgi
@@ -50,6 +50,7 @@ GetVersionTable();
 SendSQL("select short_desc from bugs where bug_id = $::FORM{'id'}");
 my $summary = FetchOneColumn();
 if( $summary ) {
+    $summary = html_quote($summary);
    PutHeader("Bug $::FORM{'id'} - $summary", "Bugzilla Bug $::FORM{'id'}", $summary );
 }else {
    PutHeader("Bugzilla bug $::FORM{'id'}", "Bugzilla Bug", $::FORM{'id'});