diff options
| -rw-r--r-- | Bugzilla/CGI.pm | 3 | ||||
| -rw-r--r-- | Bugzilla/Config/Advanced.pm | 6 | ||||
| -rw-r--r-- | docs/en/rst/administering/parameters.rst | 13 | ||||
| -rw-r--r-- | template/en/default/admin/params/advanced.html.tmpl | 7 | ||||
| -rw-r--r-- | template/en/default/admin/params/attachment.html.tmpl | 5 |
5 files changed, 1 insertions, 33 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index d43a68f93..de4bd23d3 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -451,8 +451,7 @@ sub send_cookie { # Add the default path and the domain in. my $uri = URI->new(Bugzilla->params->{urlbase}); $paramhash{'-path'} = $uri->path; - $paramhash{'-domain'} = Bugzilla->params->{'cookiedomain'} - if Bugzilla->params->{'cookiedomain'}; + $paramhash{'-domain'} = $uri->host if $uri->host; push(@{$self->{'Bugzilla_cookie_list'}}, $self->cookie(%paramhash)); } diff --git a/Bugzilla/Config/Advanced.pm b/Bugzilla/Config/Advanced.pm index b3968a254..7a61bf7c4 100644 --- a/Bugzilla/Config/Advanced.pm +++ b/Bugzilla/Config/Advanced.pm @@ -17,12 +17,6 @@ our $sortkey = 1700; use constant get_param_list => ( { - name => 'cookiedomain', - type => 't', - default => '' - }, - - { name => 'inbound_proxies', type => 't', default => '', diff --git a/docs/en/rst/administering/parameters.rst b/docs/en/rst/administering/parameters.rst index 5835d654f..3b4b42983 100644 --- a/docs/en/rst/administering/parameters.rst +++ b/docs/en/rst/administering/parameters.rst @@ -239,10 +239,6 @@ attachment_base :param:`urlbase` or :param:`sslbase`. That is, a different domain name that resolves to this exact same Bugzilla installation. - Note that if you have set the :param:`cookiedomain` parameter, you should - set :param:`attachment_base` to use a domain that would not be matched by - :param:`cookiedomain`. - For added security, you can insert ``%bugid%`` into the URL, which will be replaced with the ID of the current bug that the attachment is on, when you access an attachment. This will limit attachments to accessing only other @@ -825,15 +821,6 @@ confirmuniqueusermatch Advanced ======== -cookiedomain - Defines the domain for Bugzilla cookies. This is typically left blank. - If there are multiple hostnames that point to the same webserver, which - require the same cookie, then this parameter can be utilized. For - example, If your website is at - ``https://bugzilla.example.com/``, setting this to - :paramval:`.example.com/` will also allow - ``attachments.example.com/`` to access Bugzilla cookies. - inbound_proxies When inbound traffic to Bugzilla goes through a proxy, Bugzilla thinks that the IP address of the proxy is the IP address of every single user. If you diff --git a/template/en/default/admin/params/advanced.html.tmpl b/template/en/default/admin/params/advanced.html.tmpl index 1aedc9f9b..70171bd53 100644 --- a/template/en/default/admin/params/advanced.html.tmpl +++ b/template/en/default/admin/params/advanced.html.tmpl @@ -41,13 +41,6 @@ [% END %] [% param_descs = { - cookiedomain => - "If your website is at 'www.foo.com', setting this to" - _ " '.foo.com' will also allow 'bar.foo.com' to access" - _ " Bugzilla cookies. This is useful if you have more than" - _ " one hostname pointing at the same web server, and you" - _ " want them to share the Bugzilla cookie.", - inbound_proxies => "When inbound traffic to Bugzilla goes through a proxy," _ " Bugzilla thinks that the IP address of every single" diff --git a/template/en/default/admin/params/attachment.html.tmpl b/template/en/default/admin/params/attachment.html.tmpl index c850802ab..1e65f0ca4 100644 --- a/template/en/default/admin/params/attachment.html.tmpl +++ b/template/en/default/admin/params/attachment.html.tmpl @@ -31,11 +31,6 @@ _ " that is not the same as <var>urlbase</var> or <var>sslbase</var>." _ " That is, a different domain name that resolves to this exact" _ " same Bugzilla installation.</p>" - _ "<p>Note that if you have set the" - _ " <a href=\"editparams.cgi?section=advanced#cookiedomain_desc\"><var>cookiedomain</var>" - _" parameter</a>, you should set <var>attachment_base</var> to use a" - _ " domain that would <em>not</em> be matched by" - _ " <var>cookiedomain</var>.</p>" _ "<p>For added security, you can insert <var>%bugid%</var> into the URL," _ " which will be replaced with the ID of the current $terms.bug that" _ " the attachment is on, when you access an attachment. This will limit" |