summaryrefslogtreecommitdiffstats
path: root/extensions/GitHubAuth
diff options
context:
space:
mode:
authorDylan Hardison <dylan@mozilla.com>2016-03-10 04:16:56 +0100
committerDylan Hardison <dylan@mozilla.com>2016-03-10 04:17:15 +0100
commit844c6238baf72dfa79ad7e33f2bc1947cbf5b3f5 (patch)
treef8dfdac10f166934fcf22c01d44e66b8df873577 /extensions/GitHubAuth
parent9cc89d34f79d1a326e5c792722163d5908a97c13 (diff)
downloadbugzilla-844c6238baf72dfa79ad7e33f2bc1947cbf5b3f5.tar.gz
bugzilla-844c6238baf72dfa79ad7e33f2bc1947cbf5b3f5.tar.xz
Bug 1253914 - Cross domain referer leakage when resetting the user password
Diffstat (limited to 'extensions/GitHubAuth')
-rw-r--r--extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl2
-rw-r--r--extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl3
2 files changed, 4 insertions, 1 deletions
diff --git a/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl b/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl
index 609b86159..17bcb3e42 100644
--- a/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl
+++ b/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl
@@ -17,4 +17,4 @@
width="185" height="25">
</form>
</p>
-[% END %]
+[% END %] \ No newline at end of file
diff --git a/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl b/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl
index aaf9b6fa3..c32dd3cd5 100644
--- a/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl
+++ b/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl
@@ -21,6 +21,9 @@
[% ELSIF error == "github_invalid_target" %]
[% terms.Bugzilla %] cannot log you into an external site via GitHub.
+[% ELSIF error == "github_insecure_referer" %]
+ [% terms.Bugzilla %] prevented you from logging in from a page containing private information.
+
[% ELSIF error == "github_invalid_request" %]
Invalid GitHub log in attempt (reason: [% reason FILTER html %])