** Changed in: mahara Status: Fix Committed => Fix Released ** Changed in: mahara Milestone: 1.5.0 => None
-- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. https://bugs.launchpad.net/bugs/817342 Title: Unencoded strings included in viewacl javascript Status in Mahara ePortfolio: Fix Released Status in Mahara 1.3 series: Fix Committed Status in Mahara 1.4 series: Fix Committed Bug description: The viewacl template has javascript which includes strings directly from the language pack in single quotes instead of json encoded. Strings containing single quotes will result in syntax errors and will stop the js from executing. I'll mark this as "security" till I've had a chance to discuss it with the others, but it's only exploitable by language pack maintainers, so it's probably better as public. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/817342/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : mahara-contributors@lists.launchpad.net Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp