Bug 772953: buglist urls should not contain a token

2 files changed, 11 insertions, 2 deletions

diff --git a/buglist.cgi b/buglist.cgi
index 0e73378a8..2891b5dea 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -1117,7 +1117,8 @@ else {
 
 # Set 'urlquerypart' once the buglist ID is known.
 $vars->{'urlquerypart'} = $params->canonicalise_query('order', 'cmdtype',
-                                                      'query_based_on');
+                                                      'query_based_on',
+                                                      'token');
 
 if ($format->{'extension'} eq "csv") {
     # We set CSV files to be downloaded, as they are designed for importing
diff --git a/template/en/default/search/search-advanced.html.tmpl b/template/en/default/search/search-advanced.html.tmpl
index ef7fa769a..2236bf5d2 100644
--- a/template/en/default/search/search-advanced.html.tmpl
+++ b/template/en/default/search/search-advanced.html.tmpl
@@ -32,6 +32,13 @@
 
 [% js_data = BLOCK %]
 var queryform = "queryform"
+
+function remove_token() {
+  var asDefault = document.getElementById('remasdefault');
+  if (queryform.token && asDefault && !asDefault.checked) {
+    queryform.token.value = '';
+  }
+}
 [% END %]
 
 [% PROCESS global/header.html.tmpl
@@ -53,7 +60,8 @@ var queryform = "queryform"
 
 <p id="search_help">Hover your mouse over each field label to get help for that field.</p>
 
-<form method="post" action="buglist.cgi" name="queryform" id="queryform">
+<form method="post" action="buglist.cgi" name="queryform" id="queryform"
+      onsubmit="remove_token()">
 
 [% PROCESS search/form.html.tmpl %]