Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
214,610 Commits 3,986 Branches 0 Tags
Commit Graph

147 Commits

Author SHA1 Message Date
mkanat%bugzilla.org
658daf014e Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace 
and

Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs

r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261813 18797224-902f-48f8-a5cc-f745e15eee43
 2011-01-24 18:53:58 +00:00
mkanat%bugzilla.org
9e4f5b4a62 Bug 474766: The [details] string is duplicated when replying to a comment containing a link to an attachment 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261524 18797224-902f-48f8-a5cc-f745e15eee43
 2010-11-04 17:09:26 +00:00
mkanat%bugzilla.org
be69073790 Bug 605425: Non-english templates are no longer precompiled by checksetup 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261435 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-20 23:03:45 +00:00
mkanat%bugzilla.org
24c5cf1e83 Bug 595380: Add a ?mtime string to all of the manually-inserted 
<script src> and <link href> tags in Bugzilla
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261294 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-28 03:41:31 +00:00
mkanat%bugzilla.org
b75262ac7c Bug 586244: Make mod_expires and mod_headers optional 
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@261241 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-18 23:43:47 +00:00
mkanat%bugzilla.org
8bc3c8d20b Bug 583690: (CVE-2010-2759) [SECURITY][PostgreSQL] Bugzilla crashes when viewing a bug if a comment contains 'bug <num>' or 'attachment <num>' where <num> is greater than the max allowed integer 
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260976 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-04 22:22:01 +00:00
mkanat%bugzilla.org
a4c65bd8f6 Bug 584021: FILTER txt should also remove &nbsp; 
r/a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260963 18797224-902f-48f8-a5cc-f745e15eee43
 2010-08-04 00:33:02 +00:00
mkanat%bugzilla.org
6116d87648 Bug 428313: Properly expire the browser's CSS and JS cache when there 
are new versions of those files. This also eliminates single-file skins
and should also allow Extensions to have skins.
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@260830 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-21 03:48:22 +00:00
mkanat%bugzilla.org
a90851bdd3 Bug 554964 - Show if a user is a "Default CC" under the Product Responsibilities section of editusers.cgi. 
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@260638 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-06 00:49:13 +00:00
mkanat%bugzilla.org
44cb9bfaec Bug 455810 - Add autocomplete support to the keywords field 
* Special thanks to Guy Pyrzak for the original patch
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@260625 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-05 07:46:50 +00:00
mkanat%bugzilla.org
9a13bbe14d Bug 545766: Figure out what columns can be reported on from the database, 
instead of from a static list
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260612 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-01 21:18:12 +00:00
mkanat%bugzilla.org
6add188323 Bug 24896: Make the First/Last/Prev/Next navigation on bugs work with 
multiple buglists at once
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260472 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-16 01:46:23 +00:00
mkanat%bugzilla.org
265b1534e0 Bug 565899: Make the html_linebreak filter safe by having it first call the 
"html" filter
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@260339 18797224-902f-48f8-a5cc-f745e15eee43
 2010-05-19 17:33:03 +00:00
mkanat%bugzilla.org
e756b7dff3 Bug 566499 - "#c0 links have the wrong href" 
[r=LpSolit a=LpSolit]


git-svn-id: svn://10.0.0.236/trunk@260333 18797224-902f-48f8-a5cc-f745e15eee43
 2010-05-18 13:17:46 +00:00
mkanat%bugzilla.org
f7e990146a Bug 560009: Use firstidx from List::MoreUtils instead of lsearch 
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260217 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-22 18:16:55 +00:00
mkanat%bugzilla.org
4027c86c91 Bug 284650: Beginning a chart name with an "_" (underscore) causes errors 
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260169 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-08 10:33:08 +00:00
mkanat%bugzilla.org
64b15424b0 Bug 557780: Remove the unused .substr method in Template.pm 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@260164 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-07 14:31:44 +00:00
mkanat%bugzilla.org
ea01bb9b51 Bug 556429: Stop sending bugmail from inside the template 
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@260155 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-05 23:32:33 +00:00
mkanat%bugzilla.org
1b0ab2c885 Bug 553923: Don't word-wrap messages and errors for the WebService 
r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260072 18797224-902f-48f8-a5cc-f745e15eee43
 2010-03-28 21:35:51 +00:00
mkanat%bugzilla.org
5754033260 Bug 498309: Speed up show_bug.cgi when there are many comments by caching 
field-descs globally for all template calls
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@259959 18797224-902f-48f8-a5cc-f745e15eee43
 2010-03-14 00:46:13 +00:00
mkanat%bugzilla.org
3584a9ab78 Bug 508823: Make it so that you don't ever have to reset template_inner (like 
Bugzilla->template_inner("")).
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@259847 18797224-902f-48f8-a5cc-f745e15eee43
 2010-03-01 01:46:32 +00:00
mkanat%bugzilla.org
418b3207ef Bug 547466: Release Notes for Bugzilla 3.6rc1 
r=LpSolit, r=gerv


git-svn-id: svn://10.0.0.236/trunk@259845 18797224-902f-48f8-a5cc-f745e15eee43
 2010-03-01 00:17:41 +00:00
mkanat%bugzilla.org
06a3ee7c4b Bug 545235: Simplify Bugzilla's language-choosing code 
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@259842 18797224-902f-48f8-a5cc-f745e15eee43
 2010-02-28 23:32:04 +00:00
gerv%gerv.net
48969e49ad Bug 514703 - revert changes to bug link detection algorithm. r,a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@259352 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-07 15:04:09 +00:00
mkanat%bugzilla.org
7df8bdf4b9 Bug 525606: Make the template_before_process hook run whenever a template is loaded (including PROCESS and INCLUDE), not just when $template->process is called. 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259240 18797224-902f-48f8-a5cc-f745e15eee43
 2009-12-17 05:27:12 +00:00
mkanat%bugzilla.org
c6637cd2b6 Bug 523762: Prevent the template_before_process hook from causing an infinite recursion when an error is thrown 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259221 18797224-902f-48f8-a5cc-f745e15eee43
 2009-12-14 23:07:08 +00:00
mkanat%bugzilla.org
4af90d4d96 Bug 452919: Allow the "created an attachment" message in comments to be localized 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@259167 18797224-902f-48f8-a5cc-f745e15eee43
 2009-12-04 14:28:49 +00:00
mkanat%bugzilla.org
7488d682fc Bug 530960: Put hooks into template/default/hook instead of template/hook 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259081 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-25 03:37:11 +00:00
mkanat%bugzilla.org
0768c3ab47 Post-checkin fix for bug 430012: Make checksetup not throw a warning when there are no extension templates that got compiled. 
git-svn-id: svn://10.0.0.236/trunk@259070 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-24 06:30:46 +00:00
mkanat%bugzilla.org
98a5bbf59c Bug 430014: Re-write the code hooks system so that it uses modules instead of individual .pl files 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259069 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-24 06:09:55 +00:00
mkanat%bugzilla.org
a94fa810d0 Bug 430012: Make checksetup.pl precompile extension templates 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259068 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-24 05:28:24 +00:00
mkanat%bugzilla.org
9f82f85fba Bug 523999: New Hook: template-before_create 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259058 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-23 06:37:02 +00:00
mkanat%bugzilla.org
1ae47c24bd Bug 529416: (CVE-2009-3386) [SECURITY] Dependency lists display bug aliases even for bugs the user cannot access 
Patch by Dave Miller <justdave@bugzilla.org> r=LpSolit, r=mkanat, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259032 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-19 02:09:45 +00:00
mkanat%bugzilla.org
c1a54b04b5 Bug 421265: Let the user easily override the language used to display HTML pages 
Patch by Jacques Supcik <jacques@supcik.org> r=mkanat, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259010 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-18 07:06:47 +00:00
mkanat%bugzilla.org
6d95687b90 Bug 472217: Create a Bugzilla::Comment object and eliminate GetComments 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258951 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-10 01:36:05 +00:00
mkanat%bugzilla.org
bc7313feed Bug 520948: Use Bugzilla->feature and feature_enabled everywhere instead of checking if modules are installed 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258771 18797224-902f-48f8-a5cc-f745e15eee43
 2009-10-24 05:21:11 +00:00
mkanat%bugzilla.org
8a9244f543 Bug 394438: Add a hook for adding template vars to any page (Override Template->process) 
Patch by Matt Rogers <mattr@kde.org> r=mkanat, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258738 18797224-902f-48f8-a5cc-f745e15eee43
 2009-10-20 23:08:05 +00:00
mkanat%bugzilla.org
59583fdc1a Bug 364254: Add hook to Bugzilla::Template::quoteUrls 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258544 18797224-902f-48f8-a5cc-f745e15eee43
 2009-09-30 23:43:47 +00:00
mkanat%bugzilla.org
4f5ccb8607 Bug 509053: Implement Bugzilla->feature (feature_enabled in the templates), and use it to detect when PatchReader is available. 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258543 18797224-902f-48f8-a5cc-f745e15eee43
 2009-09-30 22:39:32 +00:00
mkanat%bugzilla.org
b5842a2ee3 Bug 517793: Use the ENCODING parameter of Template Toolkit instead of having a custom parser object. This also fixes a memory leak on mod_perl. 
Patch by Max Kanat-Alexander <mkanat@buzgilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258508 18797224-902f-48f8-a5cc-f745e15eee43
 2009-09-26 23:37:31 +00:00
mkanat%bugzilla.org
2e6c934c2c Bug 208714: Make checksetup.pl move $datadir/template when it can't delete it 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258185 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-20 05:55:06 +00:00
mkanat%bugzilla.org
c8661cf9f9 Bug 509108: Don't require a bug_list parameter to show the bug template (create the last_bug_list global template parameter) 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258062 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-12 01:43:13 +00:00
mkanat%bugzilla.org
992afafa72 Bug 509045: Make "use_keywords" a global template variable instead of having to pass it to templates all the time 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258054 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-11 04:34:22 +00:00
lpsolit%gmail.com
1e4aaee2be Bug 503980: show_bug.cgi doesn't properly escape <!-- inside bug summary - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@258038 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-10 20:22:38 +00:00
mkanat%bugzilla.org
26408df70e Bug 508737: Allow Bugzilla::Template::get_bug_link to take a Bugzilla::Bug object if one is available 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@257960 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-06 15:02:59 +00:00
lpsolit%gmail.com
2158ba3c3b Bug 476305: Clean up and merge HTML filtering code - Patch by Vitaly Fedrushkov <vitaly.fedrushkov@gmail.com> r/a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@257714 18797224-902f-48f8-a5cc-f745e15eee43
 2009-07-16 01:30:52 +00:00
mkanat%bugzilla.org
ddf954b551 Bug 498318: Speed up field-descs.none.tmpl 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=bbaetz, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@257545 18797224-902f-48f8-a5cc-f745e15eee43
 2009-06-21 19:37:19 +00:00
lpsolit%gmail.com
0b38b8a03b Bug 487330: Links in comments pointing to patches should go to the 'diff' view rather than the plain text view, by default - Patch by uokrent@gmail.com r/a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@257274 18797224-902f-48f8-a5cc-f745e15eee43
 2009-05-23 18:19:08 +00:00
lpsolit%gmail.com
a78c19e2bb Bug 26257: [SECURITY] Bugzilla should prevent malicious webpages from making bugzilla users submit changes to bugs - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@256020 18797224-902f-48f8-a5cc-f745e15eee43
 2009-02-02 18:34:40 +00:00
mkanat%bugzilla.org
4088e2081f Bug 219021: Only display email addresses to logged-in users 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@255976 18797224-902f-48f8-a5cc-f745e15eee43
 2009-01-29 21:22:39 +00:00