Bug 1253914 - Cross domain referer leakage when resetting the user password

2 files changed, 4 insertions, 1 deletions

diff --git a/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl b/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl
index 609b86159..17bcb3e42 100644
--- a/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl
+++ b/extensions/GitHubAuth/template/en/default/hook/account/auth/login-additional_methods.html.tmpl
@@ -17,4 +17,4 @@
            width="185" height="25">
     </form>
   </p>
-[% END %]
+[% END %]
\ No newline at end of file
diff --git a/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl b/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl
index aaf9b6fa3..c32dd3cd5 100644
--- a/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl
+++ b/extensions/GitHubAuth/template/en/default/hook/global/code-error-errors.html.tmpl
@@ -21,6 +21,9 @@
 [% ELSIF error == "github_invalid_target" %]
   [% terms.Bugzilla %] cannot log you into an external site via GitHub.
 
+[% ELSIF error == "github_insecure_referer" %]
+  [% terms.Bugzilla %] prevented you from logging in from a page containing private information.
+
 [% ELSIF error == "github_invalid_request" %]
   Invalid GitHub log in attempt (reason: [% reason FILTER html %])