Bug 1403777 - Migrate urlbase from params to localconfig

7 files changed, 26 insertions, 91 deletions

diff --git a/template/en/default/admin/params/advanced.html.tmpl b/template/en/default/admin/params/advanced.html.tmpl
index a23c602ae..75885b3f4 100644
--- a/template/en/default/admin/params/advanced.html.tmpl
+++ b/template/en/default/admin/params/advanced.html.tmpl
@@ -19,7 +19,7 @@
   #                 Frédéric Buclin <LpSolit@gmail.com>
   #%]
 
-[% 
+[%
    title = "Advanced"
    desc = "Settings for advanced configurations."
 %]
@@ -29,7 +29,7 @@
   <a href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security">Strict-Transport-Security</a>
   header along with HTTP responses on SSL connections. This adds greater
   security to your SSL connections by forcing the browser to always
-  access your domain over SSL and never accept an invalid certificate. 
+  access your domain over SSL and never accept an invalid certificate.
   However, it should only be used if you have the <code>ssl_redirect</code>
   parameter turned on, [% terms.Bugzilla %] is the only thing running
   on its domain (i.e., your <code>urlbase</code> is something like
@@ -54,13 +54,6 @@
 [% END %]
 
 [% param_descs = {
-  cookiedomain => 
-    "If your website is at 'www.foo.com', setting this to"
-    _ " '.foo.com' will also allow 'bar.foo.com' to access"
-    _ " $terms.Bugzilla cookies. This is useful if you have more than"
-    _ " one hostname pointing at the same web server, and you"
-    _ " want them to share the $terms.Bugzilla cookie.",
-
   inbound_proxies =>
     "When inbound traffic to $terms.Bugzilla goes through a proxy,"
     _ " $terms.Bugzilla thinks that the IP address of every single"
@@ -71,7 +64,7 @@
     _ " If set to a *, $terms.Bugzilla will trust the first value in the "
     _ " X-Forwarded-For header.",
 
-  proxy_url => 
+  proxy_url =>
     "$terms.Bugzilla may have to access the web to get notifications about"
     _ " new releases (see the <tt>upgrade_notification</tt> parameter)."
     _ " If your $terms.Bugzilla server is behind a proxy, it may be"
diff --git a/template/en/default/admin/params/attachment.html.tmpl b/template/en/default/admin/params/attachment.html.tmpl
index bdd20c676..0858a1044 100644
--- a/template/en/default/admin/params/attachment.html.tmpl
+++ b/template/en/default/admin/params/attachment.html.tmpl
@@ -35,28 +35,6 @@
     _ "<p>It is highly recommended that you set the <tt>attachment_base</tt>"
     _ " parameter if you turn this parameter on.",
 
-  attachment_base => 
-    "When the <tt>allow_attachment_display</tt> parameter is on, it is "
-    _ " possible for a malicious attachment to steal your cookies or"
-    _ " perform an attack on $terms.Bugzilla using your credentials."
-    _ "<p>If you would like additional security on attachments to avoid"
-    _ " this, set this parameter to an alternate URL for your $terms.Bugzilla"
-    _ " that is not the same as <tt>urlbase</tt> or <tt>sslbase</tt>."
-    _ " That is, a different domain name that resolves to this exact"
-    _ " same $terms.Bugzilla installation.</p>"
-    _ "<p>Note that if you have set the"
-    _ " <a href=\"editparams.cgi?section=advanced#cookiedomain_desc\"><tt>cookiedomain</tt>"
-    _" parameter</a>, you should set <tt>attachment_base</tt> to use a"
-    _ " domain that would <em>not</em> be matched by"
-    _ " <tt>cookiedomain</tt>.</p>"
-    _ "<p>For added security, you can insert <tt>%bugid%</tt> into the URL,"
-    _ " which will be replaced with the ID of the current $terms.bug that"
-    _ " the attachment is on, when you access an attachment. This will limit"
-    _ " attachments to accessing only other attachments on the same"
-    _ " ${terms.bug}. Remember, though, that all those possible domain names "
-    _ " (such as <tt>1234.your.domain.com</tt>) must point to this same"
-    _ " $terms.Bugzilla instance.",
-
   allow_attachment_deletion =>
     "If this option is on, administrators will be able to delete " _
     "the content of attachments.",
diff --git a/template/en/default/admin/params/core.html.tmpl b/template/en/default/admin/params/core.html.tmpl
deleted file mode 100644
index b1578f422..000000000
--- a/template/en/default/admin/params/core.html.tmpl
+++ /dev/null
@@ -1,48 +0,0 @@
-[%# The contents of this file are subject to the Mozilla Public
-  # License Version 1.1 (the "License"); you may not use this file
-  # except in compliance with the License. You may obtain a copy of
-  # the License at http://www.mozilla.org/MPL/
-  #
-  # Software distributed under the License is distributed on an "AS
-  # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
-  # implied. See the License for the specific language governing
-  # rights and limitations under the License.
-  #
-  # The Original Code is the Bugzilla Bug Tracking System.
-  #
-  # The Initial Developer of the Original Code is Netscape Communications
-  # Corporation. Portions created by Netscape are
-  # Copyright (C) 1998 Netscape Communications Corporation. All
-  # Rights Reserved.
-  #
-  # Contributor(s): Dave Miller <justdave@bugzilla.org>
-  #                 Frédéric Buclin <LpSolit@gmail.com>
-  #%]
-
-[% 
-   title = "Required Settings"
-   desc = "Settings that are required for proper operation of $terms.Bugzilla" 
-%]
-
-[% param_descs = {
-  urlbase => "The URL that is the common initial leading part of all $terms.Bugzilla " _
-             "URLs.",
-
-  sslbase => "The URL that is the common initial leading part of all HTTPS " _
-             "(SSL) $terms.Bugzilla URLs.",
-
-  ssl_redirect => 
-    "When this is enabled, $terms.Bugzilla will ensure that every page is"
-    _ " accessed over SSL, by redirecting any plain HTTP requests to HTTPS"
-    _ " using the <tt>sslbase</tt> parameter. Also, when this is enabled,"
-    _ " $terms.Bugzilla will send out links using <tt>sslbase</tt> in emails"
-    _ " instead of <tt>urlbase</tt>.",
-
-  cookiepath => "Path, relative to your web document root, to which to restrict " _
-                "$terms.Bugzilla cookies. Normally this is the URI portion of your URL " _
-                "base. Begin with a / (single slash mark). For instance, if " _
-                "$terms.Bugzilla serves from 'http://www.somedomain.com/bugzilla/', set " _
-                "this parameter to /bugzilla/. Setting it to / will allow " _
-                "all sites served by this web server or virtual host to read " _
-                "$terms.Bugzilla cookies.",
-} %]
diff --git a/template/en/default/global/header.html.tmpl b/template/en/default/global/header.html.tmpl
index a7aed895e..9baecbb53 100644
--- a/template/en/default/global/header.html.tmpl
+++ b/template/en/default/global/header.html.tmpl
@@ -96,7 +96,6 @@
   <head>
     [%- js_BUGZILLA = {
             param => {
-                cookiepath => Param('cookiepath'),
                 maxusermatches => Param('maxusermatches'),
             },
             constant => {
diff --git a/template/en/default/robots.txt.tmpl b/template/en/default/robots.txt.tmpl
index c4948efe5..7ef83c0f1 100644
--- a/template/en/default/robots.txt.tmpl
+++ b/template/en/default/robots.txt.tmpl
@@ -2,7 +2,7 @@ User-agent: *
 Disallow: /
 Crawl-delay: 30
 
-[% IF NOT urlbase.matches("bugzilla-dev") %]
+[% IF NOT Bugzilla.localconfig.urlbase.matches("bugzilla-dev") %]
 
 Allow: /$
 Allow: /index.cgi
diff --git a/template/en/default/setup/strings.txt.pl b/template/en/default/setup/strings.txt.pl
index 9a8e3b9d1..35a771ff3 100644
--- a/template/en/default/setup/strings.txt.pl
+++ b/template/en/default/setup/strings.txt.pl
@@ -106,6 +106,24 @@ END
 The following variables are no longer used in ##localconfig##, and
 have been moved to ##old_file##: ##vars##
 END
+    localconfig_attachment_base => <<'END',
+When the runtime allow_attachment_display parameter is on, it is
+possible for a malicious attachment to steal your cookies or
+perform an attack using your credentials.
+
+If you would like additional security on attachments to avoid
+this, set this parameter to an alternate URL for your $terms.Bugzilla
+that is not the same as urlbase.
+That is, a different domain name that resolves to this exact
+same installation.
+
+For added security, you can insert %bugid% into the URL,
+which will be replaced with the ID of the current bug that
+the attachment is on, when you access an attachment. This will limit
+attachments to accessing only other attachments on the same
+bug. Remember, though, that all those possible domain names
+ must point to this same instance.
+END
     localconfig_create_htaccess => <<'END',
 If you are using Apache as your web server, Bugzilla can create .htaccess
 files for you, which will keep this file (localconfig) and other
@@ -180,7 +198,7 @@ here.
 END
     localconfig_memcached_servers => <<'END',
 If this option is set, Bugzilla will integrate with Memcached.
-Specify one or more servers, separated by spaces, using hostname:port 
+Specify one or more servers, separated by spaces, using hostname:port
 notation (for example: 127.0.0.1:11211).
 END
     localconfig_memcached_namespace => <<'END',
@@ -198,6 +216,9 @@ This hash is used by BMO to override select data/params values on a per-webhead
 basis. Keys set to undef will default to the value in data/params.
 Only the keys listed below can be overridden.
 END
+    localconfig_urlbase => <<'END',
+The URL that is the common initial leading part of all URLs.
+END
     localconfig_use_suexec => <<'END',
 Set this to 1 if Bugzilla runs in an Apache SuexecUserGroup environment.
 
diff --git a/template/en/default/welcome-admin.html.tmpl b/template/en/default/welcome-admin.html.tmpl
index e37008fc7..11d70a6ea 100644
--- a/template/en/default/welcome-admin.html.tmpl
+++ b/template/en/default/welcome-admin.html.tmpl
@@ -40,14 +40,6 @@
   parameters for this installation; among others:</p>
 
   <ul>
-    <li><a href="editparams.cgi?section=core#urlbase_desc">urlbase</a>, which is the URL
-    pointing to this installation and which will be used in emails (which is also the
-    reason you see this page: as long as this parameter is not set, you will see this
-    page again and again).</li>
-
-    <li><a href="editparams.cgi?section=core#cookiepath_desc">cookiepath</a> is important
-    for your browser to manage your cookies correctly.</li>
-
     <li><a href="editparams.cgi?section=general#maintainer_desc">maintainer</a>,
       the person responsible for this installation if something is
       running wrongly.</li>