Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
215,533 Commits 3,986 Branches 0 Tags
Commit Graph

70 Commits

Author SHA1 Message Date
mkanat%bugzilla.org
da5eb7494c Bug 637977: Re-setup CGI.pm global variables on every request under mod_perl, 
which prevents CGI.pm from generating URLs with semicolons in them instead
of ampersands.
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@262040 18797224-902f-48f8-a5cc-f745e15eee43
 2011-03-14 05:18:26 +00:00
mkanat%bugzilla.org
4555545f11 Remove unused variable, per my review comment 
git-svn-id: svn://10.0.0.236/trunk@261699 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-28 02:16:43 +00:00
mkanat%bugzilla.org
46d29e85bf Bug 615574: Make every search done by buglist.cgi create a list_id, so that 
even Saved Searches get "last list" support.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261694 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-27 22:21:47 +00:00
mkanat%bugzilla.org
e1754db844 Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect against clickjacking. 
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@261679 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-18 08:48:34 +00:00
mkanat%bugzilla.org
28236b4ff5 Bug 607138: Don't send the Strict-Transport-Security header for the 
attachment_base.
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261628 18797224-902f-48f8-a5cc-f745e15eee43
 2010-12-06 16:03:52 +00:00
mkanat%bugzilla.org
b40f0c6830 Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to non-random multipart/x-mixed-replace boundary 
r=mkanat a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261506 18797224-902f-48f8-a5cc-f745e15eee43
 2010-11-02 23:37:45 +00:00
mkanat%bugzilla.org
69002b97f4 Bug 607966: Use of qw(...) as parentheses is deprecated since Perl 5.13.5 
r=gerv a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@261490 18797224-902f-48f8-a5cc-f745e15eee43
 2010-10-28 15:35:02 +00:00
mkanat%bugzilla.org
ee495843f0 Bug 600475 - Support the 'includeSubDomains' flag as an option for the 'Strict-Transport-Security' advanced option in order to protect subdomains. 
[r=glob a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@261301 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-29 19:03:27 +00:00
mkanat%bugzilla.org
dd4e3e53f2 Bug 594990: Make the Strict-Transport-Security HTTP header only be sent 
if a particular parameter is enabled.
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@261289 18797224-902f-48f8-a5cc-f745e15eee43
 2010-09-28 03:32:33 +00:00
mkanat%bugzilla.org
c634e6e71e Bug 398308: Make Search.pm take a hashref for its "params" argument 
instead of taking a CGI object.
r=mkanat, a=mkanat (module owner)


git-svn-id: svn://10.0.0.236/trunk@260794 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-16 03:01:42 +00:00
mkanat%bugzilla.org
d9437423f7 Bug 521416: Some web servers fail to set the QUERY_STRING parameter 
r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260786 18797224-902f-48f8-a5cc-f745e15eee43
 2010-07-15 17:34:25 +00:00
mkanat%bugzilla.org
c6d6540cb3 Bug 575097 - "New STS header in Bugzilla::CGI causes malformed header error due to lack of Content-Type naming" 
[r=LpSolit a=LpSolit]


git-svn-id: svn://10.0.0.236/trunk@260589 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-27 19:31:31 +00:00
mkanat%bugzilla.org
55eca11ffc Bug 562475 - "Bugzilla should use strict-transport-security (STS) headers" 
[r=mkanat a=mkanat]


git-svn-id: svn://10.0.0.236/trunk@260585 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-26 01:16:25 +00:00
mkanat%bugzilla.org
2f60aceddb Bug 574166: Make clean_search_url take into account the new email3 fields 
from query.cgi
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260556 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-24 17:03:04 +00:00
mkanat%bugzilla.org
6add188323 Bug 24896: Make the First/Last/Prev/Next navigation on bugs work with 
multiple buglists at once
r=glob, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260472 18797224-902f-48f8-a5cc-f745e15eee43
 2010-06-16 01:46:23 +00:00
mkanat%bugzilla.org
de34e60cb7 Bug 561296: A fix allowing updating a field value's name when it is 
the default value
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@260309 18797224-902f-48f8-a5cc-f745e15eee43
 2010-05-14 14:34:34 +00:00
mkanat%bugzilla.org
f7e990146a Bug 560009: Use firstidx from List::MoreUtils instead of lsearch 
r=timello, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@260217 18797224-902f-48f8-a5cc-f745e15eee43
 2010-04-22 18:16:55 +00:00
lpsolit%gmail.com
6892b1d218 Bug 537746: Search criteria headers on buglist duplicate unnecessarily when bugidtype is in use - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat 
git-svn-id: svn://10.0.0.236/trunk@259518 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-31 17:52:40 +00:00
lpsolit%gmail.com
50f8207d2e Bug 509030: "Changes older than" in Advanced Search is sometimes ignored - Patch by Frédéric Buclin <LpSolit@gmail.com> r=gerv a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@259376 18797224-902f-48f8-a5cc-f745e15eee43
 2010-01-12 16:12:59 +00:00
mkanat%bugzilla.org
0dfd6e55e2 Bug 525734: Allow WebService clients to authenticate using Bugzilla_login and Bugzilla_password 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258941 18797224-902f-48f8-a5cc-f745e15eee43
 2009-11-09 19:15:30 +00:00
mkanat%bugzilla.org
a200d47ff2 Bug 523495: Re-work attachment.cgi and the general attachment_base-checking code to prevent an infinite redirect loop when ssl_redirect is on and Bugzilla has an attachment_base set. 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258772 18797224-902f-48f8-a5cc-f745e15eee43
 2009-10-24 05:22:46 +00:00
mkanat%bugzilla.org
c70c2cf9ff Bug 514913: Eliminate ssl="authenticated sessions" 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258645 18797224-902f-48f8-a5cc-f745e15eee43
 2009-10-09 04:31:13 +00:00
mkanat%bugzilla.org
c4f99cc559 Bug 224588: Unify ($^O =~ /MSWin/) checks (always use ON_WINDOWS) 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@258321 18797224-902f-48f8-a5cc-f745e15eee43
 2009-09-04 21:08:52 +00:00
mkanat%bugzilla.org
df52cc6ee7 Bug 502641: Fix various problems that would occur when you would log in from buglist.cgi 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@257647 18797224-902f-48f8-a5cc-f745e15eee43
 2009-07-07 11:54:22 +00:00
lpsolit%gmail.com
96873e288a Bug 502498: Use of uninitialized value in string eq at Bugzilla/CGI.pm line 289 - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat 
git-svn-id: svn://10.0.0.236/trunk@257631 18797224-902f-48f8-a5cc-f745e15eee43
 2009-07-05 23:01:15 +00:00
mkanat%bugzilla.org
467db45d31 Bug 501538: Make $cgi->param() also check GET variables during a POST, so that POST forms with query-string variables in the target (like the login form) work correctly. 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@257629 18797224-902f-48f8-a5cc-f745e15eee43
 2009-07-04 12:16:28 +00:00
mkanat%bugzilla.org
22d4b4a1bd Bug 432907: Create a JSON frontend for WebServices 
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@256768 18797224-902f-48f8-a5cc-f745e15eee43
 2009-03-31 06:38:02 +00:00
lpsolit%gmail.com
0c29cf31b2 Bug 38862: [SECURITY] attachments should be at a different hostname - Patch by Byron Jones <bugzilla@glob.com.au> and Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@256018 18797224-902f-48f8-a5cc-f745e15eee43
 2009-02-02 18:26:26 +00:00
mkanat%bugzilla.org
5c30b2b73f Bug 431744: "Change Columns" URL contained more than 3x the characters in the base buglist.cgi URL 
Patch By Michael J Tosh <michael.j.tosh@lmco.com> r=mkanat, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@255865 18797224-902f-48f8-a5cc-f745e15eee43
 2009-01-20 20:18:47 +00:00
mkanat%bugzilla.org
dbe3cc397f Bug 454892: Improve Bugzilla::CGI::clean_search_url to remove all the normal "default" fields 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@254238 18797224-902f-48f8-a5cc-f745e15eee43
 2008-09-16 19:52:46 +00:00
dkl%redhat.com
f51ff717a8 Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param 
doesn't protect WebService calls at all
Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat


git-svn-id: svn://10.0.0.236/trunk@253665 18797224-902f-48f8-a5cc-f745e15eee43
 2008-08-18 04:16:14 +00:00
dkl%redhat.com
223ced6261 Backing out these patches as they cause a regression. More information 
in the respective bug reports.

Bug 428659 – Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat

Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@253320 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-28 20:58:01 +00:00
mkanat%bugzilla.org
81a7b56e9b Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@253246 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-24 16:03:25 +00:00
dkl%redhat.com
fe2838832f Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all 
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@252948 18797224-902f-48f8-a5cc-f745e15eee43
 2008-07-10 04:56:22 +00:00
lpsolit%gmail.com
5302b50e38 Bug 414002: Temporary files for uploaded attachments are not deleted on Windows - Patch by Steve Hay <SteveHay@planit.com> r/a=LpSolit 
git-svn-id: svn://10.0.0.236/trunk@244363 18797224-902f-48f8-a5cc-f745e15eee43
 2008-01-29 19:23:56 +00:00
mkanat%bugzilla.org
9c02eee8d8 Bug 407420: CGI::Carp fatalsToBrowser should happen as early as possible 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=justdave, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@242465 18797224-902f-48f8-a5cc-f745e15eee43
 2008-01-06 02:53:45 +00:00
mkanat%bugzilla.org
eff047bd4f Bug 363153: Turn on the utf8 bit on all strings in Bugzilla that contain 
non-ASCII data, if the utf8 parameter is on. This means that string functions
like substr() work properly on multi-byte languages, now.
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=wurblzap, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@239856 18797224-902f-48f8-a5cc-f745e15eee43
 2007-11-23 06:58:36 +00:00
timeless%mozdev.org
847afa671a Bug 345970 Avoid using the string 'the web' 
patch by jhulten@tragicallyleet.com r=timeless
I've updated it to trunk r=lpsolit a=lpsolit


git-svn-id: svn://10.0.0.236/trunk@230773 18797224-902f-48f8-a5cc-f745e15eee43
 2007-07-24 18:22:02 +00:00
wurblzap%gmail.com
499fb4c722 Bug 383745: Incorrect charset specification in "please wait" screen when server push is in use. 
Patch by Marc Schumann <wurblzap@gmail.com>,
r=mkanat, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@228574 18797224-902f-48f8-a5cc-f745e15eee43
 2007-06-22 07:29:25 +00:00
mkanat%bugzilla.org
7069b5a5fe Bug 360028: Bugzilla::Search::Saved should have create() and update(), and buglist.cgi should use it 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@215190 18797224-902f-48f8-a5cc-f745e15eee43
 2006-11-13 03:07:57 +00:00
mkanat%bugzilla.org
6303eb3d4e Bug 357526: buglist.cgi doesn't specify encoding as UTF-8 when the rest of Bugzilla does 
Patch By John Beranek <john@redux.org.uk> r=mkanat, a=justdave


git-svn-id: svn://10.0.0.236/trunk@214499 18797224-902f-48f8-a5cc-f745e15eee43
 2006-10-31 23:43:13 +00:00
mkanat%bugzilla.org
e7f63b992b Bug 349764: Errors print out a whole HTML page, even when we're not in USAGE_MODE_BROWSER 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=kevin.benton, a=myk


git-svn-id: svn://10.0.0.236/trunk@209191 18797224-902f-48f8-a5cc-f745e15eee43
 2006-09-05 18:54:06 +00:00
mkanat%bugzilla.org
5e8c48d336 Bug 173897: Fix |XXX - mod_perl| comments 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@205036 18797224-902f-48f8-a5cc-f745e15eee43
 2006-07-28 08:20:31 +00:00
mkanat%bugzilla.org
f03dd55f0c Bug 300978: bad output when a non-cgi script dies 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@203696 18797224-902f-48f8-a5cc-f745e15eee43
 2006-07-25 23:23:49 +00:00
mkanat%bugzilla.org
a008236c73 Bug 342757: searching results in "YOUR BROWSER DOESN'T SUPPORT THIS SERVER-PUSH TECHNOLOGY" warning on brower under mod_perl 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=justdave, a=justdave


git-svn-id: svn://10.0.0.236/trunk@201920 18797224-902f-48f8-a5cc-f745e15eee43
 2006-07-12 06:05:07 +00:00
mkanat%bugzilla.org
0c4bb6821f Bug 343361: die_with_dignity is useless inside of Bugzilla::CGI 
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, r=colin, a=myk


git-svn-id: svn://10.0.0.236/trunk@201625 18797224-902f-48f8-a5cc-f745e15eee43
 2006-07-05 23:33:25 +00:00
lpsolit%gmail.com
f952ed05cf Bug 304601: Bugzilla::Config's :locations exports need to be in their own module - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat for the main patch, r=myk for the patch about CGI.pm a=justdave 
Bug 328637: Remove all legal_* versioncache arrays - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave

Bug 110503 - Eliminate versioncache


git-svn-id: svn://10.0.0.236/trunk@200347 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-19 20:15:18 +00:00
vladd%bugzilla.org
d279634dba Spelling in code comments patch: 'behavour' -> 'behaviour'; patch by Vlad Dascalu <vladd@bugzilla.org>. 
git-svn-id: svn://10.0.0.236/trunk@200300 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-19 15:39:53 +00:00
lpsolit%gmail.com
2b93ee1757 Bug 313255: Move $::ENV{foo} and $::SIG{foo} out of globals.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk 
git-svn-id: svn://10.0.0.236/trunk@199854 18797224-902f-48f8-a5cc-f745e15eee43
 2006-06-14 00:26:27 +00:00
wurblzap%gmail.com
39518125ed Bug 306695: Boolean charts forgets "0" values. 
Patch by Marc Schumann <wurblzap@gmail.com>,
r=LpSolit, bugreport, a=justdave


git-svn-id: svn://10.0.0.236/trunk@193282 18797224-902f-48f8-a5cc-f745e15eee43
 2006-03-30 22:23:07 +00:00