317936 – Test </a><div style="position:absolute;left:0;right:0;bottom:0;top:0" onmouseover="alert('foo');">hi</div>

Bug 317936 - Test </a><div style="position:absolute;left:0;right:0;bottom:0;top:0" onmouseover="alert('foo');">hi</div>

Summary: Test </a><div style="position:absolute;left:0;right:0;bottom:0;top:0" onmouse...

Status:	RESOLVED FIXED

Alias:	None

Product:	telepathy
Classification:	Frameworks and Libraries
Component:	text-ui-message-filters (show other bugs)
Version:	0.6.0
Platform:	Arch Linux Linux

Importance:	NOR normal
Target Milestone:	0.6.1
Assignee:	Telepathy Bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-04-06 16:05 UTC by Nikita Skovoroda
Modified:	2013-04-08 10:08 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:	http://commits.kde.org/telepathy-text-ui/14b5daf4cab4c534b5d29720b2092c1563db4e6a
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Nikita Skovoroda 2013-04-06 16:05:05 UTC

The link to this bug should be sent to ktp-text-ui.

Reproducible: Always

Steps to Reproduce:
1. Send the link to this bug to ktp-text-ui.

Comment 1 Nikita Skovoroda 2013-04-07 09:20:14 UTC

I'll make a patch today.

Comment 2 David Edmundson 2013-04-08 10:08:12 UTC

Git commit 14b5daf4cab4c534b5d29720b2092c1563db4e6a by David Edmundson, on behalf of Nikita Skovoroda.
Committed on 08/04/2013 at 12:05.
Pushed by davidedmundson into branch 'kde-telepathy-0.6'.

Bugzilla filter: escape html to block injection.
REVIEW: 109905

Also, fix a "not an object" js error when referencing an inexisting bug (and got a null result).

M  +27   -3    filters/bugzilla/showBugzillaInfo.js

http://commits.kde.org/telepathy-text-ui/14b5daf4cab4c534b5d29720b2092c1563db4e6a