Description of problem: User notification message should escape html characters from custom info Version-Release number of selected component (if applicable): * candlepin-0.8.21-1.el6sam.noarch * candlepin-scl-1-5.el6_4.noarch * candlepin-scl-quartz-2.1.5-5.el6_4.noarch * candlepin-scl-rhino-1.7R3-1.el6_4.noarch * candlepin-scl-runtime-1-5.el6_4.noarch * candlepin-selinux-0.8.21-1.el6sam.noarch * candlepin-tomcat6-0.8.21-1.el6sam.noarch * elasticsearch-0.19.9-8.el6sat.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.4.2-2.el6sat.noarch * katello-cli-1.4.3-8.el6sat.noarch * katello-cli-common-1.4.3-8.el6sat.noarch * katello-common-1.4.3-9.el6sam_splice.noarch * katello-configure-1.4.4-3.el6sat.noarch * katello-glue-candlepin-1.4.3-9.el6sam_splice.noarch * katello-glue-elasticsearch-1.4.3-9.el6sam_splice.noarch * katello-headpin-1.4.3-9.el6sam_splice.noarch * katello-headpin-all-1.4.3-9.el6sam_splice.noarch * katello-selinux-1.4.4-2.el6sat.noarch * thumbslug-0.0.32-1.el6sam.noarch * thumbslug-selinux-0.0.32-1.el6sam.noarch How reproducible: Always Steps to Reproduce: 1. Navigate to SAM UI -> Administer -> Organizations -> Select an Organization -> Default Custom Info -> Distributor Default Custom Info 2. Add a default custom info key <blink>hi</blink> 3. Try to add the same custom info key <blink>hi</blink> again Actual results: The notification message does not escape the html characters for <blink>hi</blink>. (Screenshot attached) Expected results: The notification message should escape the html characters for <blink>hi</blink>. Additional info: The same issue happens for the Organizations -> Distributor Default Custom Info and System Default Custom Info
Created attachment 790565 [details] User notification_html characters not escaped
https://github.com/Katello/katello/pull/2836
VERIFIED. * candlepin-0.8.25-1.el6sam.noarch * candlepin-scl-1-5.el6_4.noarch * candlepin-scl-quartz-2.1.5-5.el6_4.noarch * candlepin-scl-rhino-1.7R3-1.el6_4.noarch * candlepin-scl-runtime-1-5.el6_4.noarch * candlepin-selinux-0.8.25-1.el6sam.noarch * candlepin-tomcat6-0.8.25-1.el6sam.noarch * elasticsearch-0.19.9-8.el6sat.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.4.2-2.el6sat.noarch * katello-cli-1.4.3-10.el6sat.noarch * katello-cli-common-1.4.3-10.el6sat.noarch * katello-common-1.4.3-12.el6sam_splice.noarch * katello-configure-1.4.4-4.el6sat.noarch * katello-glue-candlepin-1.4.3-12.el6sam_splice.noarch * katello-glue-elasticsearch-1.4.3-12.el6sam_splice.noarch * katello-headpin-1.4.3-12.el6sam_splice.noarch * katello-headpin-all-1.4.3-12.el6sam_splice.noarch * katello-selinux-1.4.4-2.el6sat.noarch * thumbslug-0.0.34-1.el6sam.noarch * thumbslug-selinux-0.0.34-1.el6sam.noarch
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2013-1390.html