Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when…

Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when displayed to the user r=dkl a=LpSolit

Bug 714664: The content of the "emailregexpdesc" parameter is not escaped when…
f2b9d48c · Frédéric Buclin · 9dbc12f5 · f2b9d48c · f2b9d48c
Commit f2b9d48c authored Jan 06, 2012 by Frédéric Buclin
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

code-error.html.tmpl template/en/default/global/code-error.html.tmpl +1 -1

user-error.html.tmpl template/en/default/global/user-error.html.tmpl +1 -1

No files found.
--- a/template/en/default/global/code-error.html.tmpl
+++ b/template/en/default/global/code-error.html.tmpl
@@ -46,7 +46,7 @@
      A legal address must contain exactly one '@',
      and at least one '.' after the @.
    [% ELSE %]
-      [%+ Param('emailregexpdesc') %]
+      [%+ Param('emailregexpdesc') FILTER html_light %]
    [% END %]
    It must also not contain any of these special characters:
    <tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace.

--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -852,7 +852,7 @@
      A legal address must contain exactly one '@',
      and at least one '.' after the @.
    [% ELSE %]
-      [%+ Param('emailregexpdesc') %]
+      [%+ Param('emailregexpdesc') FILTER html_light %]
    [% END %]
    It must also not contain any of these special characters:
    <tt>\ ( ) &amp; &lt; &gt; , ; : &quot; [ ]</tt>, or any whitespace.