Bug 220625 - "<input>" in string resulted in an input box on translation page
Summary: "<input>" in string resulted in an input box on translation page
Status: RESOLVED FIXED
Alias: None
Product: Babel
Classification: Technology
Component: Server (show other bugs)
Version: unspecified   Edit
Hardware: PC Windows XP
: P1 normal (vote)
Target Milestone: ---   Edit
Assignee: Babel server inbox CLA
QA Contact:
URL: /babel/index.php
Whiteboard:
Keywords:
: 220638 (view as bug list)
Depends on:
Blocks:
 
Reported: 2008-02-27 13:33 EST by Kit Lo CLA
Modified: 2008-03-03 09:39 EST (History)
1 user (show)

See Also:

Attachments
screen capture (63.79 KB, image/x-png)
2008-02-27 13:33 EST, Kit Lo CLA 		no flags Details
one problem left (64.31 KB, image/x-png)
2008-02-29 08:46 EST, Kit Lo CLA 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Kit Lo CLA 2008-02-27 13:33:52 EST 
Created attachment 90904 [details]
screen capture

"<input>" in string resulted in an input box on translation page.

Problem string: org.eclipse.ant.ui/Ant Runner Support/org/eclipse/ant/internal/ui/antsupport/AntSupportMessages.properties
Key: AntInputHandler_Unable_to_respond_to__input__request_4
Comment 1 Denis Roy CLA 2008-02-27 13:44:21 EST 
That is funny.

We need a filter_html($raw_html) function of some sort with will process HTML-bound strings and filter special characters (> to &gt;   < to &lt; etc...)
Comment 2 Gabe O'Brien CLA 2008-02-27 13:57:27 EST 
I was just thinking about ajax security and cross site scripting issues in relation to the babel server code.  So this bug is well timed.  Now I can look over those other issues while fixing a known bug!
Comment 3 Kit Lo CLA 2008-02-27 14:23:25 EST 
*** Bug 220638 has been marked as a duplicate of this bug. ***
Comment 4 Gabe O'Brien CLA 2008-02-27 14:27:12 EST 
I will fix this while I am working on bug #220625.
Comment 5 Gabe O'Brien CLA 2008-02-28 14:53:08 EST 
Fixed in code and will be live with next roll out.
Comment 6 Kit Lo CLA 2008-02-29 08:46:34 EST 
Created attachment 91175 [details]
one problem left

Not sure if all fixes have been applied to the Staging Server. I saw that 2 of the input boxes were fixed. I still see an input box in the String Translation pane.
Comment 7 Gabe O'Brien CLA 2008-02-29 12:22:40 EST 
I fixed the issue with that 3rd input box and the patch is up on the staging server.
Comment 8 Denis Roy CLA 2008-03-03 09:39:38 EST 
Fixed > R_0_200802291325