Closed fwenzel closed 11 years ago
Oops :(
Might want to encode the keys, also, but the risk there is smaller because they are well-defined.
Also, I didn't know you were shepherding the BugzillaJS add-on now, @Rik. Cool!
I figured it wasn't a big deal for the keys. If it is, we'll fix it :)
Yeah, I started just updating the SDK so that it wouldn't break. And for some reason, @gkoberger is not really interested in Bugzilla anymore :)
https://bugzilla.mozilla.org/show_bug.cgi?id=876889 -- click on "browse" next to the component. There's an unescaped & in there.
https://github.com/gkoberger/BugzillaJS/blob/master/includes/bugzilla-misc.js#L96
_build_query_string
needs to escape stuff properly.