Commit f2b9d48c authored by Frédéric Buclin's avatar Frédéric Buclin

Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when…

Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when displayed to the user r=dkl a=LpSolit
parent 9dbc12f5
...@@ -46,7 +46,7 @@ ...@@ -46,7 +46,7 @@
A legal address must contain exactly one '@', A legal address must contain exactly one '@',
and at least one '.' after the @. and at least one '.' after the @.
[% ELSE %] [% ELSE %]
[%+ Param('emailregexpdesc') %] [%+ Param('emailregexpdesc') FILTER html_light %]
[% END %] [% END %]
It must also not contain any of these special characters: It must also not contain any of these special characters:
<tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace. <tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace.
......
...@@ -852,7 +852,7 @@ ...@@ -852,7 +852,7 @@
A legal address must contain exactly one '@', A legal address must contain exactly one '@',
and at least one '.' after the @. and at least one '.' after the @.
[% ELSE %] [% ELSE %]
[%+ Param('emailregexpdesc') %] [%+ Param('emailregexpdesc') FILTER html_light %]
[% END %] [% END %]
It must also not contain any of these special characters: It must also not contain any of these special characters:
<tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace. <tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment