Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC API when using mod_perl

r/a=LpSolit
author: Dave Lawrence <dlawrence@mozilla.com> 2012-02-22 16:48:50 +0100
committer: Dave Lawrence <dlawrence@mozilla.com> 2012-02-22 16:48:50 +0100
commit: 0af9c776bc5223556c9140378a7a1ab76d94a7c0 (patch)
tree: d3c98ddad84d0016185362998f7ea6d7bd6141d7 /template/en/default/global
parent: a50a0814289d7a27acfb6e7ae6308bea5faa072e (diff)
download: bugzilla-0af9c776bc5223556c9140378a7a1ab76d94a7c0.tar.gz
bugzilla-0af9c776bc5223556c9140378a7a1ab76d94a7c0.tar.xz
1 files changed, 5 insertions, 0 deletions
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 7408a1a05..fdcdc6626 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1699,6 +1699,11 @@
     &lt;[% type FILTER html %]&gt; field. (See the XML-RPC specification
     for details.)
 
+  [% ELSIF error == "xmlrpc_illegal_content_type" %]
+    When using XML-RPC, you cannot send data as
+    [%+ content_type FILTER html %]. Allowed content types 
+    are [% constants.XMLRPC_CONTENT_TYPE_WHITELIST.join(', ') %].
+
   [% ELSIF error == "zero_length_file" %]
     [% title = "File Is Empty" %]
     The file you are trying to attach is empty, does not exist, or you don't
author	Dave Lawrence <dlawrence@mozilla.com>	2012-02-22 16:48:50 +0100
committer	Dave Lawrence <dlawrence@mozilla.com>	2012-02-22 16:48:50 +0100
commit	0af9c776bc5223556c9140378a7a1ab76d94a7c0 (patch)
tree	d3c98ddad84d0016185362998f7ea6d7bd6141d7 /template/en/default/global
parent	a50a0814289d7a27acfb6e7ae6308bea5faa072e (diff)
download	bugzilla-0af9c776bc5223556c9140378a7a1ab76d94a7c0.tar.gz bugzilla-0af9c776bc5223556c9140378a7a1ab76d94a7c0.tar.xz