summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth
AgeCommit message (Expand)AuthorFilesLines
2016-05-03Bug 1268989 - Inefficient check of "Bugzilla_api_token" might lead to CSRF/da...Dylan William Hardison1-9/+6
2016-04-27Bug 218917 - Allow the login name to be different from the email addressFrédéric Buclin3-31/+37
2016-02-29Bug 1136137: Require Perl 5.14Frédéric Buclin12-12/+12
2015-09-15Bug 1185241: Logging out when or after impersonating a user doesn't delete co...Frédéric Buclin1-1/+1
2015-09-06Bug 1194987: Editing your email address and make it point to a non-existent e...Frédéric Buclin1-3/+6
2015-08-13Bug 1185240: Logging out while impersonating a user should also delete the su...Frédéric Buclin1-0/+4
2015-03-09Bug 1139257: allow cookie+api-token GET REST requestsByron Jones1-8/+18
2014-09-29Bug 1071317: Remove unused variablesFrédéric Buclin1-1/+0
2014-09-11Bug 1009013 - Require a user to change their password if they log in and thei...Simon Green1-4/+13
2014-08-13Bug 996893: Perl 5.18 and newer throw tons of warnings about deprecated modulesFrédéric Buclin12-0/+15
2014-07-31Bug 1044701: "Uninitialized value $token_type" when passing an invalid Bugzil...David Lawrence1-1/+4
2014-07-27Bug 726696 - All authenticated WebServices methods should require username/pa...Simon Green2-1/+65
2014-05-20Bug 1009017: users are unable to log in if their password needs to beByron Jones1-1/+3
2014-04-25Bug 1001497: User.login incorrectly returns id = 0 when the login or password...Frédéric Buclin1-1/+1
2014-04-17Bug 713926: (CVE-2014-1517) [SECURITY] Login form lacks CSRF protectionFrédéric Buclin2-4/+41
2014-04-14Bug 987205: Bugzilla crashes because it tries to import a non-exported login_...Frédéric Buclin3-4/+3
2014-02-27Bug 947823: Replace gender-specific pronouns with gender-neutral pronounsCharlie Somerville1-1/+1
2014-01-31Bug 956233: enable USE_MEMCACHE on most objectsByron Jones2-0/+2
2013-12-21Bug 748095: Bugzilla crashes when the shutdownhtml parameter is set and using...Frédéric Buclin1-3/+4
2013-10-16Bug 907438 - In MySQL, login cookie checking is not case-sensitive, reducing ...Dave Lawrence1-3/+3
2013-09-26Bug 917669 - invalid or expired authentication tokens and cookies should thro...Dave Lawrence1-8/+13
2013-08-27Bug 893195 - Allow token based authentication for webservicesDave Lawrence3-23/+79
2012-12-31Bug 785283 - Support increased values for PASSWORD_SALT_LENGTH without breaki...Reed Loden1-1/+12
2012-12-01Bug 787668: Use |use parent| instead of |use base|Matt Selsky5-5/+5
2012-11-30Bug 816747 - Add dummy POD for unPODded methods.Marc Schumann1-0/+8
2012-09-01Bug 787529: Use |use 5.10.1| everywhereFrédéric Buclin11-0/+28
2012-08-30Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can l...Reed Loden1-0/+2
2012-01-11Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and ...Frédéric Buclin11-225/+55
2011-11-18Make Login/Stack.pm refuse to continue down the stack if an Auth method retur...Gervase Markham1-2/+8
2011-05-06Bug 653713: editusers.cgi crashes when editing a user profileJochen Wiedmann1-1/+4
2011-04-28Bug 423612 - Allow editing extern_id for users from the admin interfaceJochen Wiedmann5-0/+30
2010-10-15Bug 604522: t/012throwables.t doesn't catch new user errors correctlyFrédéric Buclin1-2/+2
2010-10-14Bug 575947: Users with passwords length less than 6 characters can't login af...Frédéric Buclin1-0/+6
2010-10-07Bug 602165: Change sql_interval to sql_date_math, in preparation forMax Kanat-Alexander1-2/+3
2010-04-22Bug 550732: Allow read-only JSON-RPC methods to be called with GETMax Kanat-Alexander4-0/+16
2010-03-24Bug 553770: Make the JSON-RPC WebService throw a proper error when you don'tMax Kanat-Alexander1-4/+2
2010-02-01Fix the data in the bzr repo to match the data in the CVS repo.Max Kanat-Alexander1-0/+0
2010-01-05Bug 467992: Login fails if the user's LDAP account is denied search in LDAP -...lpsolit%gmail.com1-5/+28
2009-12-31Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxiesmkanat%bugzilla.org2-2/+2
2009-12-31Bug 385606: Logincookies are recreated at each HTTP request when using the 'E...lpsolit%gmail.com1-0/+1
2009-12-13Bug 355283: Lock out a user account on a particular IP for 30 minutes if they...mkanat%bugzilla.org1-16/+30
2009-11-24Bug 430014: Re-write the code hooks system so that it uses modules instead of...mkanat%bugzilla.org2-2/+2
2009-11-09Bug 525734: Allow WebService clients to authenticate using Bugzilla_login and...mkanat%bugzilla.org2-8/+7
2009-10-19Bug 399073: Remove the 'loginnetmask' parameter - Patch by Frédéric Buc...lpsolit%gmail.com2-26/+14
2009-10-09Bug 514913: Eliminate ssl="authenticated sessions"mkanat%bugzilla.org2-16/+3
2009-04-17Bug 488467: Verify and Login auth methods were being called in a random order...mkanat%bugzilla.org2-2/+2
2009-03-02Bug 121601: Have logout display index.cgi, not just a message on relogin.cgi.mkanat%bugzilla.org1-0/+1
2009-01-20Bug 134022: PERFORMANCE: deleting old login cookies locks login checksmkanat%bugzilla.org1-0/+9
2009-01-02Bug 211006: Make Bugzilla use SHA-256 instead of crypt() to store hashed pass...mkanat%bugzilla.org1-0/+10
2008-10-23Bug 455584 - Use bz_crypt everywhere instead of the crypt() functiondkl%redhat.com1-6/+1