Opened 16 years ago
Closed 16 years ago
#5974 closed (fixed)
debug error page does not escape text in local vars section
| Reported by: | Owned by: | nobody | |
|---|---|---|---|
| Component: | Core (Other) | Version: | dev |
| Severity: | Keywords: | ||
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
I was triggering this by doing a post with text for a javascript alert box in one of the form fields. If the code or view that processes the request raises an Exception, then the error page will popup several alert boxes, one for each display of the request in the "Local vars" section. This was mentioned in comment:ticket:5880:8 and I hit this bug while debugging that ticket.
Change History (2)
comment:1 by , 16 years ago
| Triage Stage: | Unreviewed → Accepted |
|---|
comment:2 by , 16 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
(In [6704]) Fixed #5974 -- Added autoescaping for source code lines and local variables in
technical debug page.