Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-14384

Project name that contains double-quote is not properly escaped on Issue Navigator page

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Medium
    • 3.12.2
    • 3.11
    • None

    Description

      If a project has a double-quote in its name, it's not xml-escaped when used in "title" attribute. For example, if we have a project named 14" monitors, the html will look like:

      <select name="pid" ....>
      <option title="14" monitors" value="10000" >14" monitors</option>

      This causes JIRA Client to hiccup on this page and lose a lot of functionality. On web browser, the title is displayed incorrectly.

      I can only imagine what would happen if a project contained the following characters: "></html>

      Attachments

        Activity

          People

            dushan@atlassian.com Dushan Hanuska [Atlassian]
            bbf762edcc79 Igor Sereda [ALM Works]
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 3h
                3h
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2.5h Time Not Required
                2.5h