Bug 500891 - Need to escape snippet on snippet delete page
Need to escape snippet on snippet delete page
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 5
Classification: Red Hat
Component: WebUI (Show other bugs)
530
All Linux
high Severity high
: ---
: ---
Assigned To: Justin Sherrill
Steve Salevan
:
Depends On:
Blocks: 457075
  Show dependency treegraph
 
Reported: 2009-05-14 14:32 EDT by Justin Sherrill
Modified: 2009-09-10 15:25 EDT (History)
4 users (show)

See Also:
Fixed In Version: sat530
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-10 15:25:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Justin Sherrill 2009-05-14 14:32:15 EDT
Create a snippet with this text:

before
</pre>
after


Then go to delete it.  On the delete confirm page notice that the text wasn't escaped and the </pre> is actually rendered as html.  This is very bad, and we should escape it.
Comment 1 Partha Aji 2009-05-14 15:00:33 EDT
Should be fixed in the next next iso
Comment 3 Steve Salevan 2009-05-29 14:00:08 EDT
VERIFIED on 5/21 build.
Comment 4 Brad Buckingham 2009-07-28 21:05:00 EDT
Satellite-5.3.0-RHEL5-re20090724.0-i386-embedded-oracle.iso

Moving to RELEASE_PENDING.
Comment 5 Brandon Perkins 2009-09-10 15:25:45 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2009-1434.html

Note You need to log in before you can comment on or make changes to this bug.