Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
214,844 Commits 3,986 Branches 0 Tags
Commit Graph

63 Commits

Author SHA1 Message Date
mkanat%bugzilla.org
91f1886684 Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@264770 18797224-902f-48f8-a5cc-f745e15eee43
 2013-02-19 17:33:12 +00:00
lpsolit%gmail.com
e23819934e Bug 505039: Use $user->is_timetracker instead of $user->in_group(Bugzilla->params->{'timetrackinggroup'}) - Patch by XqueZme <xquezme@gmail.com> r/a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@258957 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-10 16:31:51 +00:00
mkanat%bugzilla.org
4f5ccb8607 Bug 509053: Implement Bugzilla->feature (feature_enabled in the templates), and use it to detect when PatchReader is available. 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258543 18797224-902f-48f8-a5cc-f745e15eee43
 2009-09-30 22:39:32 +00:00
mkanat%bugzilla.org
c8661cf9f9 Bug 509108: Don't require a bug_list parameter to show the bug template (create the last_bug_list global template parameter) 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258062 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-12 01:43:13 +00:00
mkanat%bugzilla.org
992afafa72 Bug 509045: Make "use_keywords" a global template variable instead of having to pass it to templates all the time 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258054 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-11 04:34:22 +00:00
lpsolit%gmail.com
27ab2437a1 Bug 508416: Bug flags are always displayed in the XML view of bugs - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@257945 18797224-902f-48f8-a5cc-f745e15eee43
 2009-08-05 01:28:54 +00:00
ghendricks%novell.com
070b5673ee Bug 476678 - Rich clients unable to update bugs need security token included in bug xml 
patch by ghendricks@novell.com r=LpSolit a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@256120 18797224-902f-48f8-a5cc-f745e15eee43
 2009-02-05 18:40:14 +00:00
lpsolit%gmail.com
ae73466cc0 Bug 471880: More scripts should use the shadow DB instead of the master DB - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@255917 18797224-902f-48f8-a5cc-f745e15eee43
 2009-01-25 12:42:52 +00:00
mkanat%bugzilla.org
1d59fd5f61 Bug 452734: Remove the keyword chooser, because it's a usability regression 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@254284 18797224-902f-48f8-a5cc-f745e15eee43
 2008-09-17 23:49:08 +00:00
mkanat%bugzilla.org
a055800100 Bug 440612 – Use Bugzilla::Bug->check everywhere instead of ValidateBugID 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@252689 18797224-902f-48f8-a5cc-f745e15eee43
 2008-06-29 21:58:05 +00:00
lpsolit%gmail.com
3740fbbeb9 Bug 425665: [SECURITY] XSS in show_bug.cgi: id isn't filtered for format=multiple - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=wurblzap a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@251177 18797224-902f-48f8-a5cc-f745e15eee43
 2008-05-05 00:05:51 +00:00
mkanat%bugzilla.org
d7e641858a Bug 399954: Make Bugzilla able to hold its dependencies in a local directory 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@237891 18797224-902f-48f8-a5cc-f745e15eee43
 2007-10-19 06:46:19 +00:00
lpsolit%gmail.com
d60bedb7aa Bug 80169: JavaScript-enhanced keyword editing - Patch by Teemu Mannermaa <wicked@etlicon.fi> r=justdave a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@226386 18797224-902f-48f8-a5cc-f745e15eee43
 2007-05-14 17:56:32 +00:00
reed%reedloden.com
28077b383d Bug 364835 - "current bug number should be filled in in "to bugs" input box to simplify tagging" [p=reed r=bkor a=justdave] 
git-svn-id: svn://10.0.0.236/trunk@217447 18797224-902f-48f8-a5cc-f745e15eee43
 2006-12-27 01:21:32 +00:00
lpsolit%gmail.com
9595f6a4b2 Bug 346564: [SECURITY] timetracking deadline leaks in XML - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave 
git-svn-id: svn://10.0.0.236/trunk@213651 18797224-902f-48f8-a5cc-f745e15eee43
 2006-10-14 21:47:32 +00:00
mkanat%bugzilla.org
38250a7a07 Bug 283582: Remove UserInGroup in favor of Bugzilla->user->in_group 
Patch By victory(_RSZ_) <bmo2007@rsz.jp> r=mkanat, a=myk


git-svn-id: svn://10.0.0.236/trunk@209135 18797224-902f-48f8-a5cc-f745e15eee43
 2006-09-04 16:21:49 +00:00
mkanat%bugzilla.org
e57a140c9b Bug 348057: Move the checks for bug visibility out of Bugzilla::Bug->new 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@207194 18797224-902f-48f8-a5cc-f745e15eee43
 2006-08-11 23:45:08 +00:00
mkanat%bugzilla.org
520fe42625 Bug 338375: Use Bugzilla->params everywhere instead of Param(). 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@201503 18797224-902f-48f8-a5cc-f745e15eee43
 2006-07-03 21:42:47 +00:00
mkanat%bugzilla.org
8323e09c40 Bug 342869: Use Bugzilla->params everywhere except templates 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@201499 18797224-902f-48f8-a5cc-f745e15eee43
 2006-07-03 21:26:22 +00:00
lpsolit%gmail.com
a698e74659 Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk 
git-svn-id: svn://10.0.0.236/trunk@200489 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-21 00:44:48 +00:00
lpsolit%gmail.com
f952ed05cf Bug 304601: Bugzilla::Config's :locations exports need to be in their own module - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat for the main patch, r=myk for the patch about CGI.pm a=justdave 
Bug 328637: Remove all legal_* versioncache arrays - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave

Bug 110503 - Eliminate versioncache


git-svn-id: svn://10.0.0.236/trunk@200347 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-19 20:15:18 +00:00
lpsolit%gmail.com
6bcef64942 Bug 341924: When viewing several bugs at once using show_bug.cgi?format=multiple, invalid bugs should generate an error message - Patch by Frédéric Buclin <LpSolit@gmail.com> r=timeless a=myk 
git-svn-id: svn://10.0.0.236/trunk@200254 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-18 23:11:59 +00:00
mkanat%bugzilla.org
caee2e9858 Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN block 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@196368 18797224-902f-48f8-a5cc-f745e15eee43
 2006-05-12 02:41:22 +00:00
mkanat%kerio.com
7d052f9cce Bug 328638: Remove @::legal_keywords and %::keywordsbyname 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@192033 18797224-902f-48f8-a5cc-f745e15eee43
 2006-03-09 00:09:00 +00:00
lpsolit%gmail.com
9c04670d27 Bug 287325: Ability to add custom plain-text fields to a Bug - Patch by Myk Melez <myk@mozilla.org> r=mkanat a=justdave 
git-svn-id: svn://10.0.0.236/trunk@190671 18797224-902f-48f8-a5cc-f745e15eee43
 2006-02-21 13:08:24 +00:00
lpsolit%gmail.com
64f1a95f02 Bug 304075: Eliminate use of $::userid from Bugzilla - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave 
git-svn-id: svn://10.0.0.236/trunk@183259 18797224-902f-48f8-a5cc-f745e15eee43
 2005-10-30 21:31:29 +00:00
lpsolit%gmail.com
e334b85a95 Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave 
git-svn-id: svn://10.0.0.236/trunk@182927 18797224-902f-48f8-a5cc-f745e15eee43
 2005-10-24 23:11:56 +00:00
lpsolit%gmail.com
870e9e3cbd Bug 302669 (2nd part): show_bug.cgi?ctype=xml should allow the option of exporting attachment data - Patch by Greg Hendricks <ghendricks@novell.com> r/a=myk 
git-svn-id: svn://10.0.0.236/trunk@179788 18797224-902f-48f8-a5cc-f745e15eee43
 2005-09-07 12:05:13 +00:00
lpsolit%gmail.com
75150a5a61 Bug 208761: Move GetFormat() from globals.pl into Bugzilla::Template - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave 
git-svn-id: svn://10.0.0.236/trunk@178944 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-25 14:02:41 +00:00
lpsolit%gmail.com
d3b4e4cb64 Bug 304725: keywords aren't displayed in show_bug.cgi when format=multiple - Patch by Rob Siklos <robzilla@siklos.ca> r=LpSolit a=myk 
git-svn-id: svn://10.0.0.236/trunk@178566 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-21 20:56:12 +00:00
lpsolit%gmail.com
b4d7cca746 Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat,wicked a=justdave 
git-svn-id: svn://10.0.0.236/trunk@177475 18797224-902f-48f8-a5cc-f745e15eee43
 2005-08-10 01:30:41 +00:00
travis%sedsystems.ca
7351a5b76b Bug 283581 : Move UserInGroup out of globals.pl 
Patch by Colin Ogilvie <colin.ogilvie@gmail.com>   r=mkanat  a=justdave


git-svn-id: svn://10.0.0.236/trunk@170734 18797224-902f-48f8-a5cc-f745e15eee43
 2005-03-15 22:10:14 +00:00
justdave%bugzilla.org
bca966aff7 [SECURITY] Bug 263780: Exporting a bug to XML exposes user comments and attachment summaries which are marked as private to users who are not members of the group allowed to see private comments and attachments. XML export is not exposed in the user interface, but is available to anyone who knows the correct URL to invoke it. This only affects sites that use the 'insidergroup' feature. 
Patch by Joel Peshkin <bugreport@peshkin.net>
r=vladd,justdave, a=justdave


git-svn-id: svn://10.0.0.236/trunk@164337 18797224-902f-48f8-a5cc-f745e15eee43
 2004-10-25 07:26:57 +00:00
timeless%mozdev.org
b37a798e99 Bug 259452 Add bonsai style &mark support to showbug for bug comments 
r=kiko a=justdave


git-svn-id: svn://10.0.0.236/trunk@162618 18797224-902f-48f8-a5cc-f745e15eee43
 2004-09-21 19:56:19 +00:00
jocuri%softhome.net
35e0719e5b Patch for bug 87770: make attachment.cgi work with no parameters; patch by GavinS <bugzilla@chimpychompy.org>; r=kiko; a=myk. 
git-svn-id: svn://10.0.0.236/trunk@154676 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-10 15:08:21 +00:00
kiko%async.com.br
4382f2bf77 Fix for bug 238868: remove %FORM and %COOKIE from show_bug.cgi. Does 
that, swapping them for calls to cgi->param/cookie. r=vladd,justdave; a=justdave.


git-svn-id: svn://10.0.0.236/trunk@154447 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-01 23:46:11 +00:00
kiko%async.com.br
319f68a68e Fix for bug 234175: Remove deprecated ConnectToDatabase() and 
quietly_check_login()/confirm_login() calls.  Cleans up callsites
(consisting of most of our CGIs), swapping (where appropriate) for calls
to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>.
r=bbaetz, kiko. a=justdave.


git-svn-id: svn://10.0.0.236/trunk@154331 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-27 03:51:44 +00:00
justdave%syndicomm.com
e099454c93 Bug 192516: Moving the loose .pm files into the Bugzilla directory, where they belong. These files pre-date the Bugzilla directory, and would have gone there had it existed at the time. The four files in question were copied on the CVS server to preserve CVS history in the files. This checkin deletes them from the old location and modifies everything else to know where they are now. 
r= myk, gerv
a= justdave


git-svn-id: svn://10.0.0.236/trunk@154078 18797224-902f-48f8-a5cc-f745e15eee43
 2004-03-18 03:57:05 +00:00
jkeiser%netscape.com
1b7dc26697 Check for PatchReader as a part of the installation and disable the "Diff" 
links if it is not there (bug 215268)


git-svn-id: svn://10.0.0.236/trunk@146209 18797224-902f-48f8-a5cc-f745e15eee43
 2003-08-20 00:45:43 +00:00
bbaetz%acm.org
9e1d7096ea Bug 201816 - use CGI.pm for header output 
r=joel, a=justdave


git-svn-id: svn://10.0.0.236/trunk@142113 18797224-902f-48f8-a5cc-f745e15eee43
 2003-05-05 01:15:38 +00:00
jake%bugzilla.org
c3994d7057 Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang line 
r=justdave
a=justdave


git-svn-id: svn://10.0.0.236/trunk@140364 18797224-902f-48f8-a5cc-f745e15eee43
 2003-03-27 00:07:02 +00:00
gerv%gerv.net
7de031b9ce Bug 136603 - show_bug.cgi's XML retrieval needs a summary mode. Patch by gerv; r=bbaetz, a=justdave. 
git-svn-id: svn://10.0.0.236/trunk@136359 18797224-902f-48f8-a5cc-f745e15eee43
 2003-01-15 07:59:53 +00:00
bbaetz%student.usyd.edu.au
f60e59ef75 Bug 158499 - Templatise XML bug output 
r=gerv, justdave
a=justdave


git-svn-id: svn://10.0.0.236/trunk@135318 18797224-902f-48f8-a5cc-f745e15eee43
 2002-12-15 09:24:08 +00:00
bbaetz%student.usyd.edu.au
4dd0d47760 Bug 171493 - make show_bug use Bug.pm and remove bug_form.pl 
r=justdave, joel
a=justdave


git-svn-id: svn://10.0.0.236/trunk@134567 18797224-902f-48f8-a5cc-f745e15eee43
 2002-11-28 10:49:58 +00:00
bbaetz%student.usyd.edu.au
71381b40ed Bug 76923 - Don't |use diagnostics| (its really expensive at startup time) 
r=joel x2


git-svn-id: svn://10.0.0.236/trunk@128080 18797224-902f-48f8-a5cc-f745e15eee43
 2002-08-26 06:17:26 +00:00
gerv%gerv.net
6c6b37abf0 Bug 110012 - show_bug templatisation. r=bbaetz, afranke. 
git-svn-id: svn://10.0.0.236/trunk@117328 18797224-902f-48f8-a5cc-f745e15eee43
 2002-03-23 17:58:41 +00:00
justdave%syndicomm.com
c148fadef8 Fix for bug 108982: enable taint mode for all user-facing CGI files. 
Patch by Brad Baetz <bbaetz@student.usyd.edu.au>
r= jake, justdave


git-svn-id: svn://10.0.0.236/trunk@112490 18797224-902f-48f8-a5cc-f745e15eee43
 2002-01-20 01:44:52 +00:00
gerv%gerv.net
86fd0a166e Make Bugzilla support <link> tag for buglists. Bug 87818. r=jake, caillon. 
git-svn-id: svn://10.0.0.236/trunk@102665 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-10 21:26:05 +00:00
tara%tequilarista.org
cbb24b9172 Landing Myk's patch for bug #71767 
git-svn-id: svn://10.0.0.236/trunk@96243 18797224-902f-48f8-a5cc-f745e15eee43
 2001-06-02 22:02:02 +00:00
endico%mozilla.org
575073abd0 Checking in Jake's <jake@acutex.net> interim patches from bug 30694. Bugzilla was showing bug summaries to everyone, even if they didn't have permission to view the bug. Jake's quick solution is to not display the bug at all if it is in a group no matter who is viewing it. The correct solution would be display the summary if the viewer had the proper permissions. 
git-svn-id: svn://10.0.0.236/trunk@89378 18797224-902f-48f8-a5cc-f745e15eee43
 2001-03-12 22:35:51 +00:00