Review Request 109905: Bugzilla filter: escape html to block injection.

Commit Hook null at kde.org
Mon Apr 8 10:08:09 UTC 2013


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://git.reviewboard.kde.org/r/109905/#review30658
-----------------------------------------------------------


This review has been submitted with commit 14b5daf4cab4c534b5d29720b2092c1563db4e6a by David Edmundson on behalf of Nikita Skovoroda to branch kde-telepathy-0.6.

- Commit Hook


On April 8, 2013, 1:06 a.m., Nikita Skovoroda wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://git.reviewboard.kde.org/r/109905/
> -----------------------------------------------------------
> 
> (Updated April 8, 2013, 1:06 a.m.)
> 
> 
> Review request for Telepathy and David Edmundson.
> 
> 
> Description
> -------
> 
> Bugzilla filter: escape html to block injection.
> BUG: 317936.
>     
> Also, fix a "not an object" js error when referencing an inexisting bug (and got a null result).
> 
> 
> This addresses bug 317936.
>     http://bugs.kde.org/show_bug.cgi?id=317936
> 
> 
> Diffs
> -----
> 
>   filters/bugzilla/showBugzillaInfo.js 1906257 
> 
> Diff: http://git.reviewboard.kde.org/r/109905/diff/
> 
> 
> Testing
> -------
> 
> Works.
> No injection now.
> No «not an object» errors in Inspector for inexisting bugs now.
> 
> 
> Thanks,
> 
> Nikita Skovoroda
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-telepathy/attachments/20130408/677db19b/attachment.html>


More information about the KDE-Telepathy mailing list