summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-04-04Bug 1197061 - don't create a new session for every authenticated ↵David Lawrence1-0/+7
XMLRPC/JSONRPC call
2016-03-30Bug 1260545 - Legal compliance / adding terms link to new BMO account flowDavid Lawrence1-0/+6
2016-03-25Bug 1253718 - CRM/Email request formDavid Lawrence3-0/+362
2016-03-24Bug 1259266 - Attachment of security issues when viewing a bug are ↵David Lawrence3-3/+15
indistinguishable from any other attachment.
2016-03-23Bug 1251236 - Please show the diff on the attachment details page when a ↵Byron Jones2-65/+86
patch has been reviewed in MozReview
2016-03-22Bug 1258547 - XSS through javascript: callback URLs in auth delegationDylan Hardison2-0/+7
2016-03-21Bug 1252782 - can't add a "See Also" to a Chromium bug on bugs.chromium.orgDavid Lawrence3-0/+51
2016-03-15Bug 1256954 - Multiple Selenium cases are failing after the commit of bug ↵David Lawrence1-1/+1
1253914
2016-03-15Bug 1251442 - Update VP list in Recruiting ProductDavid Lawrence1-0/+1
2016-03-15Bug 1229834 - extend information we [audit] log to the syslogDylan Hardison2-1/+16
2016-03-14Bug 1255272 - Adding a flag via the MozReview batch-attachment API doesn't ↵Dylan Hardison1-0/+3
CC the user
2016-03-10Bug 1252578 - CSRF and SELECT-only SQL execution attack against ↵Dylan Hardison2-0/+2
query_database.html
2016-03-10Bug 1253914 - Cross domain referer leakage when resetting the user passwordDylan Hardison4-1/+8
2016-03-10Bug 1254227 - MozReview auth delegation allows sending out phishing mails ↵Dylan Hardison4-3/+15
via Bugzilla
2016-03-10Bug 1254675 - bug_modal template fails to escape format parameterDavid Lawrence1-1/+1
2016-03-10Bug 1254542 - Reflected XSS in comment-remo-form-payment.txt pageDylan Hardison2-1/+2
2016-03-09Bug 1253483 - MozReview.attachments() doesn't create flags on new attachmentsDylan Hardison1-1/+7
2016-03-08Bug 1252554 - Avoid possibility of XSS in release tracking reportDylan Hardison1-3/+3
2016-03-08Bug 1252445 - Tracking flags configuration is vulnerable to CSRF and causes ↵David Lawrence6-9/+24
persistent XSS
2016-03-08Bug 1251442 - Update VP list in Recruiting ProductDavid Lawrence1-3/+4
2016-03-07Bug 1253691 - In issue-api-key.pl, set the MozReview API key if the ↵Mark Côté1-2/+9
description is 'mozreview'. r=dylan
2016-03-07Bug 1252084 - Warning when entering row into user_request_log when running ↵David Lawrence1-1/+2
commandline script
2016-03-07Bug 1252862 - Remove calls to delete_token() in several places where it is ↵David Lawrence3-4/+1
unnecessary
2016-03-03Bug 1252735 - test_email_preferences.t selenium test is intermittently failingDavid Lawrence1-1/+1
- Archiving the test caused test_qa_contact.t to fail due to a bug in the test that relied on the archived test to set a preference to enabled. An accidental side effect. Changing generate_test_data.pl to always add preferences as enabled by default since BMO does not display displayed preferences.
2016-03-03Bug 1252735 - selenium tests are failingDavid Lawrence1-0/+0
- Archiving test script for now til a future time it can be fixed
2016-03-03Bug 1253032 - Recent change to JSON::XS breaks some APIsDylan Hardison1-0/+1
2016-03-02Bug 1252628 - 404 on ↵David Lawrence1-1/+1
https://www.mozilla.org/en-US/quality/bug-writing-guidelines.html
2016-03-01Bug 1252437 - XSS vulnerability through malicious bug aliasesDylan Hardison1-1/+2
2016-03-01Bug 1252437 - XSS vulnerability through malicious bug aliasesDylan Hardison2-3/+6
2016-03-01Revert "Bug 1251208 - Bugzilla->request_cache() can be faster"Dylan William Hardison1-6/+29
This reverts commit 1d3186c171465b173a42f8ecd168662eccccc4d1.
2016-03-01Bug 1252210 - AntiSpam configuration is vulnerable to CSRF and persistent XSSDylan Hardison2-1/+8
2016-03-01Bug 1252216 - Push extension configuration is vulnerable to CSRF and ↵David Lawrence3-0/+7
potentially code execution
2016-03-01Bug 1252219 - Attachment bounty form is vulnerable to CSRF and persistent XSSDylan Hardison2-9/+16
2016-03-01Bug 1251208 - Bugzilla->request_cache() can be fasterDylan Hardison1-29/+6
r=dkl,a=dylan
2016-02-29Bug 1251047 - cmp is remarkably different from eqDylan William Hardison1-1/+1
2016-02-29Bug 1251047 - fix to work with right functionDylan William Hardison1-2/+2
2016-02-29Bug 1251047 - /rest/bug/field takes 15-25 seconds to returnDylan Hardison1-2/+2
2016-02-29Bug 1251647 - XSS vulnerability in the remo-form-payment pageDylan Hardison2-107/+89
2016-02-29Bug 1251731 - XSS vulnerability through malicious attachment namesDavid Lawrence2-29/+43
2016-02-27Bug 1223421 - Hide/Obfuscate MozReview API KeysDylan Hardison2-4/+28
2016-02-27Bug 1251442 - Update VP list in Recruiting ProductDylan Hardison1-7/+5
2016-02-26Bug 1251221 - Pass cache => 1 to calls to Bugzilla::Product->new() called in ↵Dylan Hardison3-6/+5
Bugzilla::{Milestone,Version,Component} r=dkl,a=dylan
2016-02-24Bug 1249196 - mass-resolve l10n fxos bugsDavid Lawrence1-0/+82
2016-02-24Bug 1250911 - document the count_only rest argumentDavid Lawrence1-1/+4
2016-02-23Bug 1244718 - API documentation is missing error codesDavid Lawrence13-445/+343
2016-02-22- task.expires needs to be greater than artifacts.expiresDavid Lawrence1-0/+4
2016-02-22- Update artifact expiration dateDavid Lawrence1-7/+7
2016-02-22Bug 1250129 - tab links sometimes do not workDylan Hardison1-1/+1
2016-02-22Bug 1249614 - Release Tracking Report missed bugDavid Lawrence1-2/+2
2016-02-16Bug 1245471 - Release Tracking Report should be able to have custom datesDavid Lawrence3-68/+251