summaryrefslogtreecommitdiffstats
path: root/template/en
diff options
context:
space:
mode:
authorgerv%gerv.net <>2003-11-09 03:04:36 +0100
committergerv%gerv.net <>2003-11-09 03:04:36 +0100
commitfc7ebc28b0859d7ddecd704001ff1adc54856d47 (patch)
tree6db8a4f000896dfb5cc1313dac91ff20052b3cab /template/en
parentee4db0ae49ef6ac641fb8713784e86165586b0c4 (diff)
downloadbugzilla-fc7ebc28b0859d7ddecd704001ff1adc54856d47.tar.gz
bugzilla-fc7ebc28b0859d7ddecd704001ff1adc54856d47.tar.xz
Bug 195530 - Make javascript version of buglists available, part 2. This is a security fix to prevent remote sites being able to see sensitive bug data. Patch by gerv; r=justdave, r=myk, a=justdave.
Diffstat (limited to 'template/en')
-rw-r--r--template/en/default/list/list.js.tmpl5
1 files changed, 5 insertions, 0 deletions
diff --git a/template/en/default/list/list.js.tmpl b/template/en/default/list/list.js.tmpl
index 8dde0c5b7..e6bc794c2 100644
--- a/template/en/default/list/list.js.tmpl
+++ b/template/en/default/list/list.js.tmpl
@@ -18,6 +18,11 @@
#
# Contributor(s): Gervase Markham <gerv@gerv.net>
#%]
+
+// Note: only publicly-accessible bugs (those not in any group) will be
+// listed when using this JavaScript format. This is to prevent malicious
+// sites stealing information about secure bugs.
+
bugs = new Array;
[% FOREACH bug = bugs %]