Labels: Type-Defect Priority-Medium
New issue 2849 by buck.a...@gmail.com: HTML not properly escaped in review
What version are you running?
What's the URL of the page containing the problem?
What steps will reproduce the problem?
1. Add a review comment containing "&"
2. Save the comment, but don't post it.
3. Click "edit review" at the top of the page.
What is the expected output? What do you see instead?
"&" has turned into "&", leading me to believe that HTML isn't being
properly escaped somewhere in the review editor.
What operating system are you using? What browser?
Windows. Firefox 17.0.1 and Chrome 23.0.1271.97.
Please provide any additional information below.
You received this message because you are subscribed to the Google Groups
To post to this group, send email to email@example.com.
To unsubscribe from this group, send email to
For more options, visit this group at