171 Commits

Author SHA1 Message Date
bzrmirror%bugzilla.org
d858d86220 Bug 1090275: WebServices modules should maintain a whitelist of methods that are allowed instead of allowing access to any function imported into its namespace
r=dylan,a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265791 18797224-902f-48f8-a5cc-f745e15eee43
2015-01-21 21:00:45 +00:00
bzrmirror%bugzilla.org
13bf215d31 Bug 1036213 - (CVE-2014-1546) add '/**/' before jsonrpc.cgi callback to avoid swf content type sniff vulnerability
r=glob,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265472 18797224-902f-48f8-a5cc-f745e15eee43
2014-07-24 17:30:45 +00:00
bzrmirror%bugzilla.org
3c049c8b28 Bug 942599: Documentation about possible_duplicates() lists 'products' as argument instead of 'product'
r=dkl a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265135 18797224-902f-48f8-a5cc-f745e15eee43
2013-12-05 22:46:42 +00:00
mkanat%bugzilla.org
2e42bbc302 Bug 880653 - Add POD for Bug.possible_duplicates webservice
r=LpSolit,a=sgreen


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264906 18797224-902f-48f8-a5cc-f745e15eee43
2013-07-24 14:31:00 +00:00
mkanat%bugzilla.org
152b15ae2e Bug 787328 - xmlrpc.cgi doesn't send any security-related headers
r=glob,a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264890 18797224-902f-48f8-a5cc-f745e15eee43
2013-07-15 04:01:28 +00:00
mkanat%bugzilla.org
19a66c4673 Bug 640756 - Make the documentation clearer that attachments created with Bug.add_attachment must be of type 'base64' when non-ASCII.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264470 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-20 19:16:20 +00:00
mkanat%bugzilla.org
636fa6afe1 Bug 781850 (CVE-2012-4198): [SECURITY] Do not leak the existence of groups when using User.get()
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264425 18797224-902f-48f8-a5cc-f745e15eee43
2012-11-13 17:46:24 +00:00
mkanat%bugzilla.org
ae0d2cb19e Fix typo
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264338 18797224-902f-48f8-a5cc-f745e15eee43
2012-10-13 21:31:56 +00:00
mkanat%bugzilla.org
72066c1233 Bug 682317 - Bug.create is incorrectly documented as ignoring invalid fields; it should say it produces an error
r=dkl, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264114 18797224-902f-48f8-a5cc-f745e15eee43
2012-08-03 17:01:30 +00:00
mkanat%bugzilla.org
bb5b08cc57 Bug 733458: The "creator" argument is listed twice for the Bug.search WebService method
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263598 18797224-902f-48f8-a5cc-f745e15eee43
2012-03-22 19:02:53 +00:00
mkanat%bugzilla.org
6a9ee8dc21 Bug 731219: Fix XMLRPC breakage when content-type contains a charset
r=dkl, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263500 18797224-902f-48f8-a5cc-f745e15eee43
2012-02-29 05:03:15 +00:00
mkanat%bugzilla.org
d568f97c43 Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC API when using mod_perl
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263465 18797224-902f-48f8-a5cc-f745e15eee43
2012-02-22 15:32:12 +00:00
mkanat%bugzilla.org
26e2568713 Bug 727240: The POD for Bug.attachments is wrong about the format of the returned data
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263407 18797224-902f-48f8-a5cc-f745e15eee43
2012-02-14 22:24:30 +00:00
mkanat%bugzilla.org
d21ff6ea40 Bug 718319: (CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can lead to CSRF (no victim's action required)
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263341 18797224-902f-48f8-a5cc-f745e15eee43
2012-01-31 16:16:56 +00:00
mkanat%bugzilla.org
fcedb45128 Bug 706753: Bugzilla will not work with newest version of JSON::RPC 1.01 due to non-backward compatibility
r=dkl r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263226 18797224-902f-48f8-a5cc-f745e15eee43
2012-01-05 01:02:37 +00:00
mkanat%bugzilla.org
118c8d3319 Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263205 18797224-902f-48f8-a5cc-f745e15eee43
2011-12-28 22:21:31 +00:00
mkanat%bugzilla.org
de0268f582 Bug 657290: Bug.add_attachment() stores truncated timestamps in the DB (seconds are missing)
r=dkl a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263137 18797224-902f-48f8-a5cc-f745e15eee43
2011-12-06 12:05:31 +00:00
mkanat%bugzilla.org
0b85a2884f Bug 692354: Incorrect parameter type in WebServices documentation for Bug.add_comment
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@263135 18797224-902f-48f8-a5cc-f745e15eee43
2011-12-05 21:35:28 +00:00
mkanat%bugzilla.org
a644285360 Bug 691243: Fix typo
r/a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@262987 18797224-902f-48f8-a5cc-f745e15eee43
2011-10-15 13:35:13 +00:00
mkanat%bugzilla.org
bc09cda02b Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when creating or editing a bug
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@262581 18797224-902f-48f8-a5cc-f745e15eee43
2011-08-04 20:17:35 +00:00
mkanat%bugzilla.org
21c4f5f0a6 Bug 600810: Use XMLRPC::Transport::HTTP:Apache as base class under mod_perl
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@262511 18797224-902f-48f8-a5cc-f745e15eee43
2011-07-20 17:01:25 +00:00
mkanat%bugzilla.org
1af3f824a7 Bug 653341: Bug.create() fails to error out if an invalid group is passed
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@262298 18797224-902f-48f8-a5cc-f745e15eee43
2011-05-06 21:05:42 +00:00
mkanat%bugzilla.org
8041edb04a Bug 633055: Make Bug.legal_values explicitly throw an error if you pass "undef"
for the "field" parameter
r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261939 18797224-902f-48f8-a5cc-f745e15eee43
2011-02-14 20:31:54 +00:00
mkanat%bugzilla.org
07dd9f4c2b Bug 609538: Make the JSON-RPC interface support UTF-8 when a recent version
of LWP is installed
r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261937 18797224-902f-48f8-a5cc-f745e15eee43
2011-02-14 20:22:19 +00:00
mkanat%bugzilla.org
5332cf908b Bug 633422: Fix the documentation for User.get's include_disabled parameter
and make User.get check that its required parameters are passed.
r=LpSolit, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261932 18797224-902f-48f8-a5cc-f745e15eee43
2011-02-14 07:51:04 +00:00
mkanat%bugzilla.org
9be0b6a917 Bug 606511 - Bug.search should allow use of include_fields and exclude_fields
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261921 18797224-902f-48f8-a5cc-f745e15eee43
2011-02-11 22:03:34 +00:00
mkanat%bugzilla.org
3dcad3da1a Fix a POD compilation error.
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261914 18797224-902f-48f8-a5cc-f745e15eee43
2011-02-11 01:06:30 +00:00
mkanat%bugzilla.org
f891421dc0 Fix the POD of Bug.add_attachment to reflect that it now automatically
picks the content_type of text/plain when you set is_patch to true.


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261913 18797224-902f-48f8-a5cc-f745e15eee43
2011-02-11 01:04:58 +00:00
mkanat%bugzilla.org
e9f214ef14 Bug 633041: Add an error code for zero_length_file and fill in content_type
for patches when content_type is missing in Bug.add_attachment in the
WebService
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261912 18797224-902f-48f8-a5cc-f745e15eee43
2011-02-11 00:33:27 +00:00
mkanat%bugzilla.org
94c2468a8b Bug 622679 - Autocomplete suggests inactive/disabled accounts as matches
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261854 18797224-902f-48f8-a5cc-f745e15eee43
2011-01-27 22:16:52 +00:00
mkanat%bugzilla.org
cb16644b08 Bug 588013: Fix typo
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261692 18797224-902f-48f8-a5cc-f745e15eee43
2010-12-27 22:05:20 +00:00
mkanat%bugzilla.org
277d3ec810 Bug 617477: Fix numerous consistency and behavior issues surrounding Bug.update
and Bugzilla::Bug. See https://bugzilla.mozilla.org/show_bug.cgi?id=617477#c2
for details.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261654 18797224-902f-48f8-a5cc-f745e15eee43
2010-12-13 21:04:01 +00:00
mkanat%bugzilla.org
9f4af6173f Bug 617030 - Add an error code for json_rpc_invalid_callback, and fix the
regex used by _bz_callback in Bugzilla::WebService::Server::JSONRPC to
accept numbers other than 0 or 1.
r=LpSolit, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261631 18797224-902f-48f8-a5cc-f745e15eee43
2010-12-06 19:18:34 +00:00
mkanat%bugzilla.org
456003fca2 Bug 605573: List all available WebService methods at the top of the POD
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261525 18797224-902f-48f8-a5cc-f745e15eee43
2010-11-04 17:09:27 +00:00
mkanat%bugzilla.org
32a1634518 Bug 607966: Use of qw(...) as parentheses is deprecated since Perl 5.13.5
r=gerv a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261490 18797224-902f-48f8-a5cc-f745e15eee43
2010-10-28 15:35:02 +00:00
mkanat%bugzilla.org
814dbe1463 Bug 602458: Add is_mandatory to Bug.fields output
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261473 18797224-902f-48f8-a5cc-f745e15eee43
2010-10-27 08:12:13 +00:00
mkanat%bugzilla.org
f28de274c1 Bug 578513: Rename cc_accessible and reporter_accessible to is_cc_accessible
and is_reporter_accessible in the WebService.
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261451 18797224-902f-48f8-a5cc-f745e15eee43
2010-10-23 00:07:14 +00:00
mkanat%bugzilla.org
7f5fe712ec Bug 598014: Document how to mark the initial comment as private when using Bug.create()
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261440 18797224-902f-48f8-a5cc-f745e15eee43
2010-10-21 00:01:45 +00:00
mkanat%bugzilla.org
a3c230bf03 Bug 575947: Users with passwords length less than 6 characters can't login after migration from 3.4.x or older to 3.6 or newer
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261395 18797224-902f-48f8-a5cc-f745e15eee43
2010-10-14 00:53:22 +00:00
mkanat%bugzilla.org
9a85ff4ac1 Bug 573195: Make Bug.get return all of a bug's standard and custom field
information
r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261302 18797224-902f-48f8-a5cc-f745e15eee43
2010-09-30 01:03:22 +00:00
mkanat%bugzilla.org
1ee07e55b6 Bug 583622: email_in.pl doesn't let me set timetracking fields
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260939 18797224-902f-48f8-a5cc-f745e15eee43
2010-08-02 01:49:26 +00:00
mkanat%bugzilla.org
263544534f Bug 579514: Make Bug.attachments also return attachment data
r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260827 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-20 22:03:21 +00:00
mkanat%bugzilla.org
2fc87bb4db The changes to accept positional parameters in XML-RPC meant that sometimes
$params wouldn't just be undef, but actually missing, so validate() was
getting @keys where $params should have been.


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260766 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-14 04:04:43 +00:00
mkanat%bugzilla.org
dad4debae5 Bug 577765: Allow XML-RPC to accept multiple positional parameters
r=ghendricks, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260758 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-13 23:27:05 +00:00
mkanat%bugzilla.org
2c91534083 Bug 412074: Ability to add attachments to a bug via the WebService
(Bug.add_attachment)
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260748 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-13 22:48:31 +00:00
mkanat%bugzilla.org
c07a6591c2 alias_not_allowed should be multiple_alias_not_allowed
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260727 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-13 02:23:04 +00:00
mkanat%bugzilla.org
77cf5d275c Bug 415813: Implement Bug.update() as an API for WebServices
r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260726 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-13 01:51:32 +00:00
mkanat%bugzilla.org
e2efc625e8 Bug 577415: Allow positional parameters for XML-RPC, because Testopia
uses them.
r=ghendricks, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260682 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-08 20:35:21 +00:00
mkanat%bugzilla.org
7b163c4a83 Bug 574995: Make the WebService return reporter, attachment submitter, and
commenter all as "creator"
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260653 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-06 22:16:34 +00:00
mkanat%bugzilla.org
d275436852 Bug 577049: POD must mention Bugzilla 4.0 instead of 3.8
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260649 18797224-902f-48f8-a5cc-f745e15eee43
2010-07-06 17:31:55 +00:00