Bug 803600: Operators email address is exposed to anons on attachment deletion

2 files changed, 2 insertions, 10 deletions

diff --git a/attachment.cgi b/attachment.cgi
index 7cacd4f1c..985430d85 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -779,7 +779,6 @@ sub delete_attachment {
         # The token is valid. Delete the content of the attachment.
         my $msg;
         $vars->{'attachment'} = $attachment;
-        $vars->{'date'} = $date;
         $vars->{'reason'} = clean_text($cgi->param('reason') || '');
 
         $template->process("attachment/delete_reason.txt.tmpl", $vars, \$msg)
diff --git a/template/en/default/attachment/delete_reason.txt.tmpl b/template/en/default/attachment/delete_reason.txt.tmpl
index e4a1fc41f..87175c1a3 100644
--- a/template/en/default/attachment/delete_reason.txt.tmpl
+++ b/template/en/default/attachment/delete_reason.txt.tmpl
@@ -16,17 +16,10 @@
 [%# INTERFACE:
   # attachment: object of the attachment the user wants to delete.
   # reason: string; The reason provided by the user.
-  # date: the date when the request to delete the attachment was made.
   #%]
 
-The content of attachment [% attachment.id %] has been deleted by
-    [%+ user.identity %]
-[% IF reason %]
-who provided the following reason:
+The content of attachment [% attachment.id %] has been deleted
+[%~ IF reason %] for the following reason:
 
 [%+ reason %]
-[% ELSE %]
-without providing any reason.
 [% END %]
-
-The token used to delete this attachment was generated at [% date FILTER time %].