diff options
author | Dylan William Hardison <dylan@hardison.net> | 2016-05-13 13:34:19 -0400 |
---|---|---|
committer | Dylan William Hardison <dylan@hardison.net> | 2016-05-13 13:35:22 -0400 |
commit | a59f1e99c2285b2802a3da45658095b121d0f5cb (patch) | |
tree | 920f18b47b0c1d815b759edd9a3ad07286813c42 | |
parent | Add build.platform = linux64, machine.platform = linux64 to taskgraph.json to... (diff) | |
download | bugzilla-a59f1e99c2285b2802a3da45658095b121d0f5cb.tar.gz bugzilla-a59f1e99c2285b2802a3da45658095b121d0f5cb.tar.bz2 bugzilla-a59f1e99c2285b2802a3da45658095b121d0f5cb.zip |
Bug 1250114 - XSS possible in extensions calling global/tabs.html.tmpl if tab.link is user-controlled
-rw-r--r-- | template/en/default/global/tabs.html.tmpl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/template/en/default/global/tabs.html.tmpl b/template/en/default/global/tabs.html.tmpl index 9cf5a897b..511640477 100644 --- a/template/en/default/global/tabs.html.tmpl +++ b/template/en/default/global/tabs.html.tmpl @@ -25,7 +25,7 @@ [% tab.label FILTER html %]</td> [% ELSE %] <td id="tab_[% tab.name FILTER html %]" class="clickable_area" - onClick="document.location='[% tab.link FILTER html %]'"> + onClick="document.location='[% tab.link FILTER js FILTER html %]'"> <a href="[% tab.link FILTER html %]">[% tab.label FILTER html %]</a> </td> [% END %] |