diff options
author | lpsolit%gmail.com <> | 2009-02-02 19:48:38 +0100 |
---|---|---|
committer | lpsolit%gmail.com <> | 2009-02-02 19:48:38 +0100 |
commit | 44341577cd209d8c61fe4129ea72785fc7be9ee5 (patch) | |
tree | 794b09b93c8bb68d00b72f23872048a519d7dcaf /template/en | |
parent | 95c875a4f1b3c7f5dc7de573551f24e72718506b (diff) | |
download | bugzilla-44341577cd209d8c61fe4129ea72785fc7be9ee5.tar.gz bugzilla-44341577cd209d8c61fe4129ea72785fc7be9ee5.tar.xz |
Bug 466748: [SECURITY] Shared/saved searches can be deleted without user confirmation using predictable URL - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
Diffstat (limited to 'template/en')
-rw-r--r-- | template/en/default/account/prefs/saved-searches.html.tmpl | 3 | ||||
-rw-r--r-- | template/en/default/global/user-error.html.tmpl | 5 | ||||
-rw-r--r-- | template/en/default/list/list.html.tmpl | 5 |
3 files changed, 8 insertions, 5 deletions
diff --git a/template/en/default/account/prefs/saved-searches.html.tmpl b/template/en/default/account/prefs/saved-searches.html.tmpl index 709cf49c5..280b932ba 100644 --- a/template/en/default/account/prefs/saved-searches.html.tmpl +++ b/template/en/default/account/prefs/saved-searches.html.tmpl @@ -108,7 +108,8 @@ Remove from <a href="editwhines.cgi">whining</a> first [% ELSE %] <a href="buglist.cgi?cmdtype=dorem&remaction=forget&namedcmd= - [% q.name FILTER url_quote %]">Forget</a> + [% q.name FILTER url_quote %]&token= + [% issue_hash_token([q.id, q.name]) FILTER url_quote %]">Forget</a> [% END %] </td> <td align="center"> diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index 0606857dd..1efee9a5e 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -1391,8 +1391,9 @@ The name <em>[% name FILTER html %]</em> is already used by another saved search. You first have to <a href="buglist.cgi?cmdtype=dorem&remaction=forget&namedcmd= - [%- name FILTER url_quote %]">delete</a> it if you really want to use - this name. + [%- name FILTER url_quote %]&token= + [% issue_hash_token([query_id, name]) FILTER url_quote %]">delete</a> + it if you really want to use this name. [% ELSIF error == "query_name_missing" %] [% title = "No Search Name Specified" %] diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl index 4929c416d..a75f1340c 100644 --- a/template/en/default/list/list.html.tmpl +++ b/template/en/default/list/list.html.tmpl @@ -228,8 +228,9 @@ <td valign="middle" nowrap="nowrap" class="bz_query_forget"> | <a href="buglist.cgi?cmdtype=dorem&remaction=forget&namedcmd= - [% searchname FILTER url_quote %]">Forget Search ' - [% searchname FILTER html %]'</a> + [% searchname FILTER url_quote %]&token= + [% issue_hash_token([search_id, searchname]) FILTER url_quote %]"> + Forget Search '[% searchname FILTER html %]'</a> </td> [% ELSE %] <td> </td> |