summaryrefslogtreecommitdiffstats
path: root/template/en/default/bug
diff options
context:
space:
mode:
authorDave Lawrence <dlawrence@mozilla.com>2011-11-28 17:38:31 +0100
committerDave Lawrence <dlawrence@mozilla.com>2011-11-28 17:38:31 +0100
commitfaac5e70ce92133773a2043619f9f23870beb14b (patch)
tree6f7a03e9e4c14cfa2ee701622f79af9a449ad97e /template/en/default/bug
parent4e01a91159acec1075c5d156e2e9c956167696c0 (diff)
downloadbugzilla-faac5e70ce92133773a2043619f9f23870beb14b.tar.gz
bugzilla-faac5e70ce92133773a2043619f9f23870beb14b.tar.xz
Bug 704308 - CSRF vulnerability in post_bug.cgi allows possible unauthorized bug creation
Diffstat (limited to 'template/en/default/bug')
-rw-r--r--template/en/default/bug/create/confirm-create-dupe.html.tmpl57
1 files changed, 0 insertions, 57 deletions
diff --git a/template/en/default/bug/create/confirm-create-dupe.html.tmpl b/template/en/default/bug/create/confirm-create-dupe.html.tmpl
deleted file mode 100644
index b0a5cddda..000000000
--- a/template/en/default/bug/create/confirm-create-dupe.html.tmpl
+++ /dev/null
@@ -1,57 +0,0 @@
-[%# The contents of this file are subject to the Mozilla Public
- # License Version 1.1 (the "License"); you may not use this file
- # except in compliance with the License. You may obtain a copy of
- # the License at http://www.mozilla.org/MPL/
- #
- # Software distributed under the License is distributed on an "AS
- # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- # implied. See the License for the specific language governing
- # rights and limitations under the License.
- #
- # The Original Code is the Bugzilla Bug Tracking System.
- #
- # The Initial Developer of the Original Code is Olav Vitters.
- #
- # Contributor(s): Olav Vitters <olav@bkor.dhs.org>
- #%]
-
-[%# INTERFACE:
- # bugid: integer. ID of the bug previously used to create a bug.
- # allow_override: boolean int. Is 1 if the user may submit the bug again.
- #%]
-
-[% PROCESS "global/field-descs.none.tmpl" %]
-
-[% PROCESS global/header.html.tmpl
- title = "Already filed $terms.bug"
-%]
-
-[% USE Bugzilla %]
-
-<table cellpadding="20">
- <tr>
- <td bgcolor="#ff0000">
- <font size="+2">
- You already used the form to file [% "$terms.bug $bugid" FILTER bug_link(bugid) FILTER none %].
- </font>
- </td>
- </tr>
-</table>
-
-<p><font size="big">You are highly encouraged to visit [% "$terms.bug $bugid"
-FILTER bug_link(bugid) FILTER none %].</font></p>
-
-[% IF allow_override %]
- <p>If you are sure you used the same form to submit a new [% terms.bug %],
- click 'File [% terms.bug %] again'.<p>
-
- <form name="create" id="create" method="post" action="post_bug.cgi"
- [%- IF Bugzilla.cgi.param("data") %] enctype="multipart/form-data"[% END %]>
- [% PROCESS "global/hidden-fields.html.tmpl"
- exclude="^(Bugzilla_login|Bugzilla_password|ignore_token)$" %]
- <input type="hidden" name="ignore_token" value="[% bugid FILTER html %]">
- <input type="submit" value="File [% terms.bug %] again" id="file_bug_again">
- </form>
-[% END %]
-
-[% PROCESS global/footer.html.tmpl %]