diff options
| author | Byron Jones <glob@mozilla.com> | 2014-11-04 15:40:34 +0100 |
|---|---|---|
| committer | Byron Jones <glob@mozilla.com> | 2014-11-04 15:40:34 +0100 |
| commit | ede3ced0fa2b76a5fcf8770eee29a2e23d5189a9 (patch) | |
| tree | 527db7cd4f722f315de1247ac77897fb24ad1d7c /template/en/default | |
| parent | 64fc523d6feb517dae87d76ea8568f43b89e1547 (diff) | |
| download | bugzilla-ede3ced0fa2b76a5fcf8770eee29a2e23d5189a9.tar.gz bugzilla-ede3ced0fa2b76a5fcf8770eee29a2e23d5189a9.tar.xz | |
Bug 1093622: Backout bug 1090427 for causing: authenticated calls from bzapi are failing: 'Untrusted Authentication Request'
Diffstat (limited to 'template/en/default')
4 files changed, 4 insertions, 18 deletions
diff --git a/template/en/default/account/auth/login-small.html.tmpl b/template/en/default/account/auth/login-small.html.tmpl index 111aca0dd..220eb5f21 100644 --- a/template/en/default/account/auth/login-small.html.tmpl +++ b/template/en/default/account/auth/login-small.html.tmpl @@ -72,9 +72,7 @@ [%+ "checked" IF Param('rememberlogin') == "defaulton" %]> <label for="Bugzilla_remember[% qs_suffix %]">Remember</label> [% END %] - <input type="hidden" name="Bugzilla_login_token" - value="[% get_login_request_token() FILTER html %]"> - <input type="submit" name="GoAheadAndLogIn" value="Log in" + <input type="submit" name="GoAheadAndLogIn" value="Log in" id="log_in[% qs_suffix %]"> <a href="#" id="hide_mini_login[% qs_suffix FILTER html %]" onclick="return hide_mini_login_form('[% qs_suffix %]')">[x]</a> diff --git a/template/en/default/account/auth/login.html.tmpl b/template/en/default/account/auth/login.html.tmpl index 4501a3962..0aac403a5 100644 --- a/template/en/default/account/auth/login.html.tmpl +++ b/template/en/default/account/auth/login.html.tmpl @@ -83,10 +83,8 @@ [% PROCESS "global/hidden-fields.html.tmpl" exclude="^Bugzilla_(login|password|restrictlogin)$" %] - <input type="hidden" name="Bugzilla_login_token" - value="[% get_login_request_token() FILTER html %]"> <input type="submit" name="GoAheadAndLogIn" value="Log in" id="log_in"> - + <p> (Note: you should make sure cookies are enabled for this site. Otherwise, you will be required to log in frequently.) diff --git a/template/en/default/admin/sudo.html.tmpl b/template/en/default/admin/sudo.html.tmpl index beb7ba510..676959c34 100644 --- a/template/en/default/admin/sudo.html.tmpl +++ b/template/en/default/admin/sudo.html.tmpl @@ -81,10 +81,9 @@ <p> Finally, enter <label for="Bugzilla_password">your [% terms.Bugzilla %] password</label>: - <input type="hidden" name="Bugzilla_login" value="[% user.login FILTER html %]"> + <input type="hidden" name="Bugzilla_login" value=" + [%- user.login FILTER html %]"> <input type="password" id="Bugzilla_password" name="Bugzilla_password" size="20"> - <input type="hidden" name="Bugzilla_login_token" - value="[% login_request_token FILTER html %]"> <br> This is done for two reasons. First of all, it is done to reduce the chances of someone doing large amounts of damage using your diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index 09c4c4126..3146d4a90 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -235,15 +235,6 @@ [% Hook.process("auth_failure") %] - [% ELSIF error == "auth_untrusted_request" %] - [% title = "Untrusted Authentication Request" %] - You tried to log in using the <em>[% login FILTER html %]</em> account, - but [% terms.Bugzilla %] is unable to trust your request. Make sure - your web browser accepts cookies and that you haven't been redirected - here from an external web site. - <a href="index.cgi?GoAheadAndLogIn=1">Click here</a> if you really want - to log in. - [% ELSIF error == "attachment_deletion_disabled" %] [% title = "Attachment Deletion Disabled" %] Attachment deletion is disabled on this installation. |