On most pages, like these:
https://ci.jenkins-ci.org/job/jenkins_rc_branch/changes
https://ci.jenkins-ci.org/user/kohsuke/
When the username is something like "Joe User <joe.user@example.com>", it is incorrectly escaped in the HTML as:
Joe User <joe.user@example.com>
Then on the changes page for a specific build:
https://ci.jenkins-ci.org/job/jenkins_rc_branch/300/changes
A username like the above wouldn't be escaped at all, so would be "Joe User <joe.user@example.com>" in the HTML.
Of course the proper way to escape this would be:
Joe User <joe.user@example.com>
We are using the mercurial plugin with rhodecode as the mercurial server, and I'm not sure if it's the job of the SCM plugin to escape these or whatever outputs the HTML, though I would think the latter.
- depends on
-
JENKINS-5452 Whitespace in the user ID
-
- Resolved
-
[JENKINS-16184] emails not escaped properly
Description |
Original:
On most pages, like these: https://ci.jenkins-ci.org/job/jenkins_rc_branch/changes https://ci.jenkins-ci.org/user/kohsuke/ When the username is something like "Joe User <joe.user@example.com>", it is incorrectly escaped in the HTML as: "Joe User <joe.user@example.com>" Then on the changes page for a specific build: https://ci.jenkins-ci.org/job/jenkins_rc_branch/300/changes A username like the above wouldn't be escaped at all, so would be "Joe User <joe.user@example.com>" in the HTML. We are using the mercurial plugin with rhodecode as the mercurial server, and I'm not sure if it's the job of the SCM plugin to escape these or whatever outputs the HTML, though I would think the latter. |
New:
On most pages, like these: https://ci.jenkins-ci.org/job/jenkins_rc_branch/changes https://ci.jenkins-ci.org/user/kohsuke/ When the username is something like "Joe User <joe.user@example.com>", it is incorrectly escaped in the HTML as: {code:xml}Joe User <joe.user@example.com>{code} Then on the changes page for a specific build: https://ci.jenkins-ci.org/job/jenkins_rc_branch/300/changes A username like the above wouldn't be escaped at all, so would be "Joe User <joe.user@example.com>" in the HTML. Of course the proper way to escape this would be: {code:xml}Joe User <joe.user@example.com>{code} We are using the mercurial plugin with rhodecode as the mercurial server, and I'm not sure if it's the job of the SCM plugin to escape these or whatever outputs the HTML, though I would think the latter. |
Component/s | New: core [ 15593 ] | |
Component/s | Original: www [ 15484 ] |
Link |
New:
This issue depends on |
Component/s | Original: core [ 15593 ] | |
Labels | Original: gui jenkins plugin | New: changelog escaping scm |
Component/s | New: core [ 15593 ] | |
Component/s | Original: mercurial [ 15502 ] | |
Assignee | Original: Jesse Glick [ jglick ] | New: Daniel Beck [ danielbeck ] |
Resolution | New: Fixed [ 1 ] | |
Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Workflow | Original: JNJira [ 146990 ] | New: JNJira + In-Review [ 192179 ] |