Commit ac24af74 authored by Simon Green's avatar Simon Green

Bug 875217 - SecurityError in Javascript on buglist.cgi

r=glob, a=glob
parent 221552f6
...@@ -30,22 +30,22 @@ ...@@ -30,22 +30,22 @@
[% qorder = order FILTER uri IF order %] [% qorder = order FILTER uri IF order %]
[% javascript = BLOCK %] [% javascript = BLOCK %]
[% new_url = cgi.self_url %]
[% IF quicksearch %] [% IF quicksearch %]
[% new_url = BLOCK ~%] [% new_param = BLOCK ~%]
buglist.cgi?quicksearch=[% quicksearch FILTER uri %] quicksearch=[% quicksearch FILTER uri %]
[%~ IF cgi.param('list_id') ~%] [%~ IF cgi.param('list_id') ~%]
&list_id=[% cgi.param('list_id') FILTER uri %] &list_id=[% cgi.param('list_id') FILTER uri %]
[%~ END %] [%~ END %]
[% END %] [% END %]
[% ELSIF cgi.param('token') != '' %] [% ELSIF cgi.param('token') != '' %]
[% new_url = 'buglist.cgi?' [% new_param = cgi.canonicalise_query('token', 'cmdtype', 'remtype') %]
_ cgi.canonicalise_query('token', 'cmdtype', 'remtype') %] [% ELSE %]
[% new_param = cgi.canonicalise_query %]
[% END %] [% END %]
if (history && history.replaceState) { if (history && history.replaceState) {
history.replaceState(null, "[% unfiltered_title FILTER js %]", history.replaceState(null, "[% unfiltered_title FILTER js %]",
"[% new_url FILTER js %]"); "buglist.cgi?[% new_param FILTER js %]");
document.title = "[% unfiltered_title FILTER js %]"; document.title = "[% unfiltered_title FILTER js %]";
} }
[% javascript FILTER none %] [% javascript FILTER none %]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment