Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
218,176 Commits 3,986 Branches 0 Tags
Commit Graph

78 Commits

Author SHA1 Message Date
bzrmirror%bugzilla.org
a3d4ea4500 Bug 947823: Replace gender-specific pronouns with gender-neutral pronouns 
r=gerv a=justdave


git-svn-id: svn://10.0.0.236/trunk@265260 18797224-902f-48f8-a5cc-f745e15eee43
 2014-02-27 09:00:54 +00:00
mkanat%bugzilla.org
ccca6b6569 Bug 878035: Do not disclose whether a user account exists or not when a user clicks "forgot password" 
r=dkl a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@264864 18797224-902f-48f8-a5cc-f745e15eee43
 2013-06-06 21:01:09 +00:00
mkanat%bugzilla.org
8e47ba629a Bug 787529: Use |use 5.10.1| everywhere 
r=wicked a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@264195 18797224-902f-48f8-a5cc-f745e15eee43
 2012-09-01 21:45:59 +00:00
mkanat%bugzilla.org
a02b700b3f Bug 706271: CSRF vulnerability in token.cgi allows possible unauthorized password reset e-mail request 
r=reed a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@264119 18797224-902f-48f8-a5cc-f745e15eee43
 2012-08-06 21:45:43 +00:00
mkanat%bugzilla.org
f1e9609b2b Bug 355596: Your password should be requested to confirm your email address change 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263862 18797224-902f-48f8-a5cc-f745e15eee43
 2012-05-28 14:00:46 +00:00
mkanat%bugzilla.org
3363095594 Bug 752303: It is no longer possible to cancel an email address change when this one has already been confirmed 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263837 18797224-902f-48f8-a5cc-f745e15eee43
 2012-05-18 14:45:41 +00:00
mkanat%bugzilla.org
d22395cdef Bug 319953: Missing real email syntax check 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263298 18797224-902f-48f8-a5cc-f745e15eee43
 2012-01-23 16:17:04 +00:00
mkanat%bugzilla.org
3b5e8524aa Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and add it to files which miss one 
r=kiko r=mkanat r=mrbball a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263258 18797224-902f-48f8-a5cc-f745e15eee43
 2012-01-11 22:48:45 +00:00
mkanat%bugzilla.org
92c9d74c0b Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263204 18797224-902f-48f8-a5cc-f745e15eee43
 2011-12-28 22:17:49 +00:00
mkanat%bugzilla.org
9e8991ae10 Fix complains from 012throwables.t due to bug 677901 
git-svn-id: svn://10.0.0.236/trunk@262667 18797224-902f-48f8-a5cc-f745e15eee43
 2011-08-16 12:46:18 +00:00
mkanat%bugzilla.org
af736d2749 Bug 677901: Bugzilla crashes when no token is passed to token.cgi but the script expects one, because tokens are incorrectly validated 
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@262660 18797224-902f-48f8-a5cc-f745e15eee43
 2011-08-16 01:31:25 +00:00
mkanat%bugzilla.org
5dcfbcc335 Bug 658929 - User autocomplete is very slow when there are lots of users in the profiles table 
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@262460 18797224-902f-48f8-a5cc-f745e15eee43
 2011-07-05 16:16:29 +00:00
mkanat%bugzilla.org
ecf0f13ce8 Bug 565879: Merge ThrowCodeError("action_unrecognized"), ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") 
r=ghendricks a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@260347 18797224-902f-48f8-a5cc-f745e15eee43
 2010-05-20 15:46:29 +00:00
mkanat%bugzilla.org
c70c2cf9ff Bug 514913: Eliminate ssl="authenticated sessions" 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258645 18797224-902f-48f8-a5cc-f745e15eee43
 2009-10-09 04:31:13 +00:00
mkanat%bugzilla.org
d76aadaf84 Bug 508189: (CVE-2009-3166) [SECURITY] Logging in after changing your password would expose your new password in the URL 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258358 18797224-902f-48f8-a5cc-f745e15eee43
 2009-09-11 16:07:38 +00:00
lpsolit%gmail.com
5a156183bb Bug 349336: Automatically log in the user when he chooses his password to create his new account - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat 
git-svn-id: svn://10.0.0.236/trunk@258057 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-11 07:25:44 +00:00
bbaetz%acm.org
2a93772679 496856 - correct patch 
(original patch r/a=mkanat)


git-svn-id: svn://10.0.0.236/trunk@257474 18797224-902f-48f8-a5cc-f745e15eee43
 2009-06-12 06:18:39 +00:00
bbaetz%acm.org
aed90f4528 Bug 496856 - Fix token.cgi transaction handling 
git-svn-id: svn://10.0.0.236/trunk@257455 18797224-902f-48f8-a5cc-f745e15eee43
 2009-06-10 06:18:16 +00:00
lpsolit%gmail.com
2df7c38aa5 Bug 452519: Fix timezones in emails - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@255775 18797224-902f-48f8-a5cc-f745e15eee43
 2009-01-08 16:10:04 +00:00
lpsolit%gmail.com
dd7f611eda Bug 455814: token.cgi should reject password change requests for disabled accounts - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@254329 18797224-902f-48f8-a5cc-f745e15eee43
 2008-09-19 20:00:26 +00:00
lpsolit%gmail.com
3b4f17e3bd Bug 455815: Remove global variables from token.cgi - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat 
git-svn-id: svn://10.0.0.236/trunk@254322 18797224-902f-48f8-a5cc-f745e15eee43
 2008-09-18 22:39:12 +00:00
dkl%redhat.com
f51ff717a8 Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param 
doesn't protect WebService calls at all
Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat


git-svn-id: svn://10.0.0.236/trunk@253665 18797224-902f-48f8-a5cc-f745e15eee43
 2008-08-18 04:16:14 +00:00
dkl%redhat.com
223ced6261 Backing out these patches as they cause a regression. More information 
in the respective bug reports.

Bug 428659 – Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat

Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@253320 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-28 20:58:01 +00:00
dkl%redhat.com
fe2838832f Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all 
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@252948 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-10 04:56:22 +00:00
lpsolit%gmail.com
03b1e7c6dd Bug 405946: Some emails are not sent in the language chosen by the addressee - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@249006 18797224-902f-48f8-a5cc-f745e15eee43
 2008-04-02 17:46:56 +00:00
lpsolit%gmail.com
64903e283d Bug 403834: Replace table locks with database transactions in tokens, votes, and sanitycheck - Patch by Emmanuel Seyman <eseyman@linagora.com> r/a=mkanat 
git-svn-id: svn://10.0.0.236/trunk@239611 18797224-902f-48f8-a5cc-f745e15eee43
 2007-11-18 20:23:54 +00:00
mkanat%bugzilla.org
d7e641858a Bug 399954: Make Bugzilla able to hold its dependencies in a local directory 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@237891 18797224-902f-48f8-a5cc-f745e15eee43
 2007-10-19 06:46:19 +00:00
timeless%mozdev.org
cb69374fce Bug 238651 (a&b) Include the login name (in <code>) for "account_inexistent" error 
r=lpsolit a=lpsolit


git-svn-id: svn://10.0.0.236/trunk@230634 18797224-902f-48f8-a5cc-f745e15eee43
 2007-07-23 09:47:13 +00:00
timeless%mozdev.org
e2473ad484 Bug 365472 rename 'token_inexistent' to 'token_does_not_exist' or something 
r=lpsolit a=lpsolit


git-svn-id: svn://10.0.0.236/trunk@229594 18797224-902f-48f8-a5cc-f745e15eee43
 2007-07-10 07:08:12 +00:00
reed%reedloden.com
792703972c Bug 366466 - "flag notification mail has canceled spelled incorrectly" [p=reed r=timeless a=mkanat] 
git-svn-id: svn://10.0.0.236/trunk@221735 18797224-902f-48f8-a5cc-f745e15eee43
 2007-03-11 04:11:18 +00:00
wurblzap%gmail.com
534cc8b074 Bug 340538: Insecure dependency in exec while running with -T switch at /usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16. 
Patch by Marc Schumann <wurblzap@gmail.com>,
r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@213922 18797224-902f-48f8-a5cc-f745e15eee43
 2006-10-20 18:52:24 +00:00
lpsolit%gmail.com
58b1b66792 Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk 
git-svn-id: svn://10.0.0.236/trunk@213652 18797224-902f-48f8-a5cc-f745e15eee43
 2006-10-14 22:02:10 +00:00
mkanat%bugzilla.org
8aa56fc69e Bug 349349: Use ->create from Bugzilla::Object instead of insert_new_user for Bugzilla::User 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@208468 18797224-902f-48f8-a5cc-f745e15eee43
 2006-08-25 22:10:39 +00:00
lpsolit%gmail.com
b735434f6f Bug 87795: Creating an account should send token and wait for confirmation (prevent user account abuse) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=bkor a=myk 
git-svn-id: svn://10.0.0.236/trunk@207935 18797224-902f-48f8-a5cc-f745e15eee43
 2006-08-19 18:12:00 +00:00
mkanat%bugzilla.org
680d743be8 Bug 173629: Clean up "my" variable scoping issues for mod_perl 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@201662 18797224-902f-48f8-a5cc-f745e15eee43
 2006-07-06 06:12:05 +00:00
lpsolit%gmail.com
a698e74659 Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk 
git-svn-id: svn://10.0.0.236/trunk@200489 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-21 00:44:48 +00:00
vladd%bugzilla.org
472254e3f1 Spelling in code comments patch: 'methids' -> 'methods'; patch by Vlad Dascalu <vladd@bugzilla.org>. 
git-svn-id: svn://10.0.0.236/trunk@200301 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-19 15:41:13 +00:00
mkanat%bugzilla.org
caee2e9858 Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN block 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@196368 18797224-902f-48f8-a5cc-f745e15eee43
 2006-05-12 02:41:22 +00:00
lpsolit%gmail.com
c9a524756a Bug 332598: Move ValidatePassword() and DBNameToIdAndCheck() from globals.pl into User.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk 
git-svn-id: svn://10.0.0.236/trunk@196144 18797224-902f-48f8-a5cc-f745e15eee43
 2006-05-07 20:13:49 +00:00
lpsolit%gmail.com
e334b85a95 Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave 
git-svn-id: svn://10.0.0.236/trunk@182927 18797224-902f-48f8-a5cc-f745e15eee43
 2005-10-24 23:11:56 +00:00
lpsolit%gmail.com
f3ffc7a65b Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave 
git-svn-id: svn://10.0.0.236/trunk@182850 18797224-902f-48f8-a5cc-f745e15eee43
 2005-10-23 21:50:35 +00:00
lpsolit%gmail.com
ceab94d088 Bug 303697: Eliminate deprecated Bugzilla::DB routines from token.cgi - Patch by Teemu Mannermaa <wicked@etlicon.fi> r=LpSolit a=justdave 
git-svn-id: svn://10.0.0.236/trunk@182048 18797224-902f-48f8-a5cc-f745e15eee43
 2005-10-12 01:16:54 +00:00
bugreport%peshkin.net
205c3f3402 Bug 304583: Remove all remaining need to rederive inherited groups 
Patch by Joel Peshkin <bugreport@peshkin.net>
r=mkanat, a=justdave


git-svn-id: svn://10.0.0.236/trunk@178200 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-18 20:09:37 +00:00
lpsolit%gmail.com
88c468dba1 Bug 304653: remove 'use Bugzilla::Error' from Util.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk 
git-svn-id: svn://10.0.0.236/trunk@177759 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-15 17:43:38 +00:00
lpsolit%gmail.com
b4d7cca746 Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat,wicked a=justdave 
git-svn-id: svn://10.0.0.236/trunk@177475 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-10 01:30:41 +00:00
lpsolit%gmail.com
a68c2a62b5 Bug 301453: Move CheckEmailSyntax out of CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk 
git-svn-id: svn://10.0.0.236/trunk@176363 18797224-902f-48f8-a5cc-f745e15eee43
 2005-07-20 21:24:19 +00:00
mkanat%kerio.com
7e57a969dd Bug 300336: Bugzilla::Auth should not contain any exported subroutines 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@175984 18797224-902f-48f8-a5cc-f745e15eee43
 2005-07-13 03:57:02 +00:00
mkanat%kerio.com
595f9c7816 Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case insensitive 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@175810 18797224-902f-48f8-a5cc-f745e15eee43
 2005-07-08 02:31:43 +00:00
mkanat%kerio.com
a88c76e484 Bug 280503: Replace "LOCK/UNLOCK TABLES" with Bugzilla::DB function call 
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat,a=myk


git-svn-id: svn://10.0.0.236/trunk@169333 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-17 21:57:27 +00:00
travis%sedsystems.ca
b63354eba2 Bug 280994 : Move ValidateNewUser out of globals.pl 
Patch by Max Kanat-Alexander <mkanat@kerio.com>  r=vladd  a=justdave


git-svn-id: svn://10.0.0.236/trunk@169041 18797224-902f-48f8-a5cc-f745e15eee43
 2005-02-09 06:42:43 +00:00