Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
217,010 Commits 3,986 Branches 0 Tags
Commit Graph

80 Commits

Author SHA1 Message Date
mkanat%bugzilla.org
1ae108ba0c Bug 761199: buglist.cgi enters in an infinite loop if called without arguments and the user is logged in 
r=timello a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263912 18797224-902f-48f8-a5cc-f745e15eee43
 2012-06-07 19:30:45 +00:00
mkanat%bugzilla.org
2f16da14cb Bug 761331: Remove our customized multipart_init() method 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263898 18797224-902f-48f8-a5cc-f745e15eee43
 2012-06-05 14:30:42 +00:00
mkanat%bugzilla.org
049206fa69 Bug 671612: Send "X-Content-Type-Options: nosniff" with every response 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263870 18797224-902f-48f8-a5cc-f745e15eee43
 2012-05-29 15:16:07 +00:00
mkanat%bugzilla.org
3e4f37dad9 Bug 730670: Do not redirect in buglist.cgi to improve performance 
r=glob a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263490 18797224-902f-48f8-a5cc-f745e15eee43
 2012-02-27 14:02:13 +00:00
mkanat%bugzilla.org
3b5e8524aa Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and add it to files which miss one 
r=kiko r=mkanat r=mrbball a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263258 18797224-902f-48f8-a5cc-f745e15eee43
 2012-01-11 22:48:45 +00:00
mkanat%bugzilla.org
537ef5d3ce Bug 629326: Make it simpler to check ETags 
r/a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@263197 18797224-902f-48f8-a5cc-f745e15eee43
 2011-12-26 13:16:27 +00:00
mkanat%bugzilla.org
436efca340 Bug 680771 - Send X-XSS-Protection header for XSS prevention/blocking 
[r=mkanat a=LpSolit]


git-svn-id: svn://10.0.0.236/trunk@263093 18797224-902f-48f8-a5cc-f745e15eee43
 2011-11-21 22:31:20 +00:00
mkanat%bugzilla.org
a7d5a2e186 Bug 647649: Change the old "Boolean Charts" UI into the new AND/OR 
"Custom Search" UI.
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@262354 18797224-902f-48f8-a5cc-f745e15eee43
 2011-05-31 16:32:47 +00:00
mkanat%bugzilla.org
0042617522 Bug 655847: Accessing buglist.cgi throws: Use of inherited AUTOLOAD for non-method Bugzilla::CGI::SERVER_PUSH() is deprecated at Bugzilla/CGI.pm line 233 
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@262349 18797224-902f-48f8-a5cc-f745e15eee43
 2011-05-29 13:02:15 +00:00
mkanat%bugzilla.org
aca412ae49 Bug 652625 - Empty queries still get run because the list_id parameter is added to them 
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@262286 18797224-902f-48f8-a5cc-f745e15eee43
 2011-05-04 22:03:57 +00:00
mkanat%bugzilla.org
da5eb7494c Bug 637977: Re-setup CGI.pm global variables on every request under mod_perl, 
which prevents CGI.pm from generating URLs with semicolons in them instead
of ampersands.
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@262040 18797224-902f-48f8-a5cc-f745e15eee43
 2011-03-14 05:18:26 +00:00
mkanat%bugzilla.org
4555545f11 Remove unused variable, per my review comment 
git-svn-id: svn://10.0.0.236/trunk@261699 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-28 02:16:43 +00:00
mkanat%bugzilla.org
46d29e85bf Bug 615574: Make every search done by buglist.cgi create a list_id, so that 
even Saved Searches get "last list" support.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261694 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-27 22:21:47 +00:00
mkanat%bugzilla.org
e1754db844 Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect against clickjacking. 
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@261679 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-18 08:48:34 +00:00
mkanat%bugzilla.org
28236b4ff5 Bug 607138: Don't send the Strict-Transport-Security header for the 
attachment_base.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261628 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-06 16:03:52 +00:00
mkanat%bugzilla.org
b40f0c6830 Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to non-random multipart/x-mixed-replace boundary 
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261506 18797224-902f-48f8-a5cc-f745e15eee43
 2010-11-02 23:37:45 +00:00
mkanat%bugzilla.org
69002b97f4 Bug 607966: Use of qw(...) as parentheses is deprecated since Perl 5.13.5 
r=gerv a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261490 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-28 15:35:02 +00:00
mkanat%bugzilla.org
ee495843f0 Bug 600475 - Support the 'includeSubDomains' flag as an option for the 'Strict-Transport-Security' advanced option in order to protect subdomains. 
[r=glob a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@261301 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-29 19:03:27 +00:00
mkanat%bugzilla.org
dd4e3e53f2 Bug 594990: Make the Strict-Transport-Security HTTP header only be sent 
if a particular parameter is enabled.
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@261289 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-28 03:32:33 +00:00
mkanat%bugzilla.org
c634e6e71e Bug 398308: Make Search.pm take a hashref for its "params" argument 
instead of taking a CGI object.
r=mkanat, a=mkanat (module owner)


git-svn-id: svn://10.0.0.236/trunk@260794 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-16 03:01:42 +00:00
mkanat%bugzilla.org
d9437423f7 Bug 521416: Some web servers fail to set the QUERY_STRING parameter 
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260786 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-15 17:34:25 +00:00
mkanat%bugzilla.org
c6d6540cb3 Bug 575097 - "New STS header in Bugzilla::CGI causes malformed header error due to lack of Content-Type naming" 
[r=LpSolit a=LpSolit]


git-svn-id: svn://10.0.0.236/trunk@260589 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-27 19:31:31 +00:00
mkanat%bugzilla.org
55eca11ffc Bug 562475 - "Bugzilla should use strict-transport-security (STS) headers" 
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@260585 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-26 01:16:25 +00:00
mkanat%bugzilla.org
2f60aceddb Bug 574166: Make clean_search_url take into account the new email3 fields 
from query.cgi
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260556 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-24 17:03:04 +00:00
mkanat%bugzilla.org
6add188323 Bug 24896: Make the First/Last/Prev/Next navigation on bugs work with 
multiple buglists at once
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260472 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-16 01:46:23 +00:00
mkanat%bugzilla.org
de34e60cb7 Bug 561296: A fix allowing updating a field value's name when it is 
the default value
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@260309 18797224-902f-48f8-a5cc-f745e15eee43
 2010-05-14 14:34:34 +00:00
mkanat%bugzilla.org
f7e990146a Bug 560009: Use firstidx from List::MoreUtils instead of lsearch 
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260217 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-22 18:16:55 +00:00
lpsolit%gmail.com
6892b1d218 Bug 537746: Search criteria headers on buglist duplicate unnecessarily when bugidtype is in use - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat 
git-svn-id: svn://10.0.0.236/trunk@259518 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-31 17:52:40 +00:00
lpsolit%gmail.com
50f8207d2e Bug 509030: "Changes older than" in Advanced Search is sometimes ignored - Patch by Frédéric Buclin <LpSolit@gmail.com> r=gerv a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@259376 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-12 16:12:59 +00:00
mkanat%bugzilla.org
0dfd6e55e2 Bug 525734: Allow WebService clients to authenticate using Bugzilla_login and Bugzilla_password 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258941 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-09 19:15:30 +00:00
mkanat%bugzilla.org
a200d47ff2 Bug 523495: Re-work attachment.cgi and the general attachment_base-checking code to prevent an infinite redirect loop when ssl_redirect is on and Bugzilla has an attachment_base set. 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258772 18797224-902f-48f8-a5cc-f745e15eee43
 2009-10-24 05:22:46 +00:00
mkanat%bugzilla.org
c70c2cf9ff Bug 514913: Eliminate ssl="authenticated sessions" 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258645 18797224-902f-48f8-a5cc-f745e15eee43
 2009-10-09 04:31:13 +00:00
mkanat%bugzilla.org
c4f99cc559 Bug 224588: Unify ($^O =~ /MSWin/) checks (always use ON_WINDOWS) 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258321 18797224-902f-48f8-a5cc-f745e15eee43
 2009-09-04 21:08:52 +00:00
mkanat%bugzilla.org
df52cc6ee7 Bug 502641: Fix various problems that would occur when you would log in from buglist.cgi 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@257647 18797224-902f-48f8-a5cc-f745e15eee43
 2009-07-07 11:54:22 +00:00
lpsolit%gmail.com
96873e288a Bug 502498: Use of uninitialized value in string eq at Bugzilla/CGI.pm line 289 - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat 
git-svn-id: svn://10.0.0.236/trunk@257631 18797224-902f-48f8-a5cc-f745e15eee43
 2009-07-05 23:01:15 +00:00
mkanat%bugzilla.org
467db45d31 Bug 501538: Make $cgi->param() also check GET variables during a POST, so that POST forms with query-string variables in the target (like the login form) work correctly. 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@257629 18797224-902f-48f8-a5cc-f745e15eee43
 2009-07-04 12:16:28 +00:00
mkanat%bugzilla.org
22d4b4a1bd Bug 432907: Create a JSON frontend for WebServices 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@256768 18797224-902f-48f8-a5cc-f745e15eee43
 2009-03-31 06:38:02 +00:00
lpsolit%gmail.com
0c29cf31b2 Bug 38862: [SECURITY] attachments should be at a different hostname - Patch by Byron Jones <bugzilla@glob.com.au> and Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@256018 18797224-902f-48f8-a5cc-f745e15eee43
 2009-02-02 18:26:26 +00:00
mkanat%bugzilla.org
5c30b2b73f Bug 431744: "Change Columns" URL contained more than 3x the characters in the base buglist.cgi URL 
Patch By Michael J Tosh <michael.j.tosh@lmco.com> r=mkanat, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@255865 18797224-902f-48f8-a5cc-f745e15eee43
 2009-01-20 20:18:47 +00:00
mkanat%bugzilla.org
dbe3cc397f Bug 454892: Improve Bugzilla::CGI::clean_search_url to remove all the normal "default" fields 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@254238 18797224-902f-48f8-a5cc-f745e15eee43
 2008-09-16 19:52:46 +00:00
dkl%redhat.com
f51ff717a8 Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param 
doesn't protect WebService calls at all
Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat


git-svn-id: svn://10.0.0.236/trunk@253665 18797224-902f-48f8-a5cc-f745e15eee43
 2008-08-18 04:16:14 +00:00
dkl%redhat.com
223ced6261 Backing out these patches as they cause a regression. More information 
in the respective bug reports.

Bug 428659 – Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat

Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@253320 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-28 20:58:01 +00:00
mkanat%bugzilla.org
81a7b56e9b Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@253246 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-24 16:03:25 +00:00
dkl%redhat.com
fe2838832f Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all 
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@252948 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-10 04:56:22 +00:00
lpsolit%gmail.com
5302b50e38 Bug 414002: Temporary files for uploaded attachments are not deleted on Windows - Patch by Steve Hay <SteveHay@planit.com> r/a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@244363 18797224-902f-48f8-a5cc-f745e15eee43
 2008-01-29 19:23:56 +00:00
mkanat%bugzilla.org
9c02eee8d8 Bug 407420: CGI::Carp fatalsToBrowser should happen as early as possible 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=justdave, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@242465 18797224-902f-48f8-a5cc-f745e15eee43
 2008-01-06 02:53:45 +00:00
mkanat%bugzilla.org
eff047bd4f Bug 363153: Turn on the utf8 bit on all strings in Bugzilla that contain 
non-ASCII data, if the utf8 parameter is on. This means that string functions
like substr() work properly on multi-byte languages, now.
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=wurblzap, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@239856 18797224-902f-48f8-a5cc-f745e15eee43
 2007-11-23 06:58:36 +00:00
timeless%mozdev.org
847afa671a Bug 345970 Avoid using the string 'the web' 
patch by jhulten@tragicallyleet.com r=timeless
I've updated it to trunk r=lpsolit a=lpsolit


git-svn-id: svn://10.0.0.236/trunk@230773 18797224-902f-48f8-a5cc-f745e15eee43
 2007-07-24 18:22:02 +00:00
wurblzap%gmail.com
499fb4c722 Bug 383745: Incorrect charset specification in "please wait" screen when server push is in use. 
Patch by Marc Schumann <wurblzap@gmail.com>,
r=mkanat, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@228574 18797224-902f-48f8-a5cc-f745e15eee43
 2007-06-22 07:29:25 +00:00
mkanat%bugzilla.org
7069b5a5fe Bug 360028: Bugzilla::Search::Saved should have create() and update(), and buglist.cgi should use it 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@215190 18797224-902f-48f8-a5cc-f745e15eee43
 2006-11-13 03:07:57 +00:00