summaryrefslogtreecommitdiffstats
path: root/template
diff options
context:
space:
mode:
authorDave Lawrence <dlawrence@mozilla.com>2012-02-22 16:38:20 +0100
committerDave Lawrence <dlawrence@mozilla.com>2012-02-22 16:38:20 +0100
commit69ad536a55aaa58bfd4cb68578061dd5efe5b84d (patch)
tree5915dfacba496980a5376cfc5ee6b2937734f3df /template
parente00513c9a718d79fcd9b9bfd67a5938380519e10 (diff)
downloadbugzilla-69ad536a55aaa58bfd4cb68578061dd5efe5b84d.tar.gz
bugzilla-69ad536a55aaa58bfd4cb68578061dd5efe5b84d.tar.xz
Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC API when using mod_perl
r/a=LpSolit
Diffstat (limited to 'template')
-rw-r--r--template/en/default/global/user-error.html.tmpl5
1 files changed, 5 insertions, 0 deletions
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 9e99dae15..feff9f042 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1702,6 +1702,11 @@
&lt;[% type FILTER html %]&gt; field. (See the XML-RPC specification
for details.)
+ [% ELSIF error == "xmlrpc_illegal_content_type" %]
+ When using XML-RPC, you cannot send data as
+ [%+ content_type FILTER html %]. Only text/xml
+ and application/xml are allowed.
+
[% ELSIF error == "zero_length_file" %]
[% title = "File Is Empty" %]
The file you are trying to attach is empty, does not exist, or you don't