summaryrefslogtreecommitdiffstats
path: root/Bugzilla/CGI.pm
AgeCommit message (Collapse)AuthorFilesLines
2012-08-29Bug 782856: Remove the obsolete BEGIN block in Bugzilla/CGI.pmFrédéric Buclin1-9/+0
r=glob a=LpSolit
2012-08-29Fix more bustage caused by Bug 772953Byron Jones1-4/+6
2012-08-29Fix bustage caused by Bug 772953Byron Jones1-1/+4
2012-08-28Bug 772953: Remove the token from buglist urlsByron Jones1-0/+5
r=dkl, a=LpSolit
2012-08-17Bug 783386: Removing PATH_INFO prevents Bugzilla from working correctly with IISFrédéric Buclin1-2/+9
r=dkl a=LpSolit
2012-08-15Bug 771100: Unable to attach a file to a bug with perl 5.16Frédéric Buclin1-1/+1
r=dkl a=LpSolit
2012-08-10Bug 779088 - Allow extensions to whitelist PATH_INFODave Lawrence1-3/+9
r/a=LpSolit
2012-07-24Fix typo in a commentFrédéric Buclin1-1/+1
2012-07-24Bug 243764: Remove the Path-Info information from the URL as it causes ↵Frédéric Buclin1-0/+5
unexpected behaviors r=dkl a=LpSolit
2012-06-07Bug 761199: buglist.cgi enters in an infinite loop if called without ↵Frédéric Buclin1-0/+4
arguments and the user is logged in r=timello a=LpSolit
2012-06-05Bug 761331: Remove our customized multipart_init() methodFrédéric Buclin1-29/+0
r=glob a=LpSolit
2012-05-29Bug 671612: Send "X-Content-Type-Options: nosniff" with every responseMatt Selsky1-0/+4
r/a=LpSolit
2012-02-27Bug 730670: Do not redirect in buglist.cgi to improve performanceFrédéric Buclin1-1/+9
r=glob a=LpSolit
2012-01-11Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and ↵Frédéric Buclin1-21/+5
add it to files which miss one r=kiko r=mkanat r=mrbball a=LpSolit
2011-12-26Bug 629326: Make it simpler to check ETagsMax Kanat-Alexander1-0/+20
r/a=LpSolit
2011-11-21Bug 680771 - Send X-XSS-Protection header for XSS prevention/blockingReed Loden1-0/+4
[r=mkanat a=LpSolit]
2011-05-31Bug 647649: Change the old "Boolean Charts" UI into the new AND/ORMax Kanat-Alexander1-3/+12
"Custom Search" UI. r=timello, a=mkanat
2011-05-29Bug 655847: Accessing buglist.cgi throws: Use of inherited AUTOLOAD for ↵Frédéric Buclin1-9/+1
non-method Bugzilla::CGI::SERVER_PUSH() is deprecated at Bugzilla/CGI.pm line 233 r/a=mkanat
2013-05-04Bug 652625 - Empty queries still get run because the list_id parameter is ↵David Lawrence1-1/+3
added to them r/a=mkanat
2011-03-14Bug 637977: Re-setup CGI.pm global variables on every request under mod_perl,Max Kanat-Alexander1-13/+24
which prevents CGI.pm from generating URLs with semicolons in them instead of ampersands. r=glob, a=mkanat
2010-12-28Remove unused variable, per my review commentFrédéric Buclin1-1/+0
https://bugzilla.mozilla.org/show_bug.cgi?id=615574
2010-12-27Bug 615574: Make every search done by buglist.cgi create a list_id, so thatMax Kanat-Alexander1-0/+49
even Saved Searches get "last list" support. r=LpSolit, a=LpSolit
2010-12-18Bug 475894 - Send the 'X-Frame-Options: SAMEORIGIN' header to help protect ↵Reed Loden1-0/+6
against clickjacking. [r=mkanat a=mkanat]
2010-12-06Bug 607138: Don't send the Strict-Transport-Security header for theMax Kanat-Alexander1-2/+6
attachment_base. r=LpSolit, a=LpSolit
2010-11-03Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to ↵Byron Jones1-1/+2
non-random multipart/x-mixed-replace boundary r=mkanat a=LpSolit
2010-10-28Bug 607966: Use of qw(...) as parentheses is deprecated since Perl 5.13.5Frédéric Buclin1-3/+1
r=gerv a=LpSolit
2010-09-29Bug 600475 - Support the 'includeSubDomains' flag as an option for the ↵Reed Loden1-2/+6
'Strict-Transport-Security' advanced option in order to protect subdomains. [r=glob a=mkanat]
2010-09-28Bug 594990: Make the Strict-Transport-Security HTTP header only be sentMax Kanat-Alexander1-2/+2
if a particular parameter is enabled. r=glob, a=mkanat
2010-07-16Bug 398308: Make Search.pm take a hashref for its "params" argumentMax Kanat-Alexander1-12/+0
instead of taking a CGI object. r=mkanat, a=mkanat (module owner)
2010-07-15Bug 521416: Some web servers fail to set the QUERY_STRING parameterbyron jones (glob)1-0/+3
r/a=mkanat
2010-06-27Bug 575097 - "New STS header in Bugzilla::CGI causes malformed header error ↵Reed Loden1-5/+6
due to lack of Content-Type naming" [r=LpSolit a=LpSolit]
2010-06-26Bug 562475 - "Bugzilla should use strict-transport-security (STS) headers"Reed Loden1-0/+6
[r=mkanat a=mkanat]
2010-06-24Bug 574166: Make clean_search_url take into account the new email3 fieldsMax Kanat-Alexander1-1/+1
from query.cgi r=glob, a=mkanat
2010-06-16Bug 24896: Make the First/Last/Prev/Next navigation on bugs work withMax Kanat-Alexander1-0/+4
multiple buglists at once r=glob, a=mkanat
2010-05-14Bug 561296: A fix allowing updating a field value's name when it isMax Kanat-Alexander1-0/+8
the default value r=LpSolit, a=LpSolit
2010-04-22Bug 560009: Use firstidx from List::MoreUtils instead of lsearchMax Kanat-Alexander1-1/+1
r=timello, a=mkanat
2010-02-01Bug 537746: Search criteria headers on buglist duplicate unnecessarily when ↵Frédéric Buclin1-3/+12
bugidtype is in use Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
2010-01-12Bug 509030: "Changes older than" in Advanced Search is sometimes ignored - ↵lpsolit%gmail.com1-1/+2
Patch by Frédéric Buclin <LpSolit@gmail.com> r=gerv a=LpSolit
2009-11-09Bug 525734: Allow WebService clients to authenticate using Bugzilla_login ↵mkanat%bugzilla.org1-0/+33
and Bugzilla_password Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-10-24Bug 523495: Re-work attachment.cgi and the general attachment_base-checking ↵mkanat%bugzilla.org1-9/+27
code to prevent an infinite redirect loop when ssl_redirect is on and Bugzilla has an attachment_base set. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-10-09Bug 514913: Eliminate ssl="authenticated sessions"mkanat%bugzilla.org1-21/+22
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-09-04Bug 224588: Unify ($^O =~ /MSWin/) checks (always use ON_WINDOWS)mkanat%bugzilla.org1-8/+7
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-07-07Bug 502641: Fix various problems that would occur when you would log in from ↵mkanat%bugzilla.org1-1/+15
buglist.cgi Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-07-06Bug 502498: Use of uninitialized value in string eq at Bugzilla/CGI.pm line ↵lpsolit%gmail.com1-1/+3
289 - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
2009-07-04Bug 501538: Make $cgi->param() also check GET variables during a POST, so ↵mkanat%bugzilla.org1-6/+17
that POST forms with query-string variables in the target (like the login form) work correctly. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-03-31Bug 432907: Create a JSON frontend for WebServicesmkanat%bugzilla.org1-2/+2
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-02-02Bug 38862: [SECURITY] attachments should be at a different hostname - Patch ↵lpsolit%gmail.com1-0/+24
by Byron Jones <bugzilla@glob.com.au> and Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
2009-01-20Bug 431744: "Change Columns" URL contained more than 3x the characters in ↵mkanat%bugzilla.org1-0/+4
the base buglist.cgi URL Patch By Michael J Tosh <michael.j.tosh@lmco.com> r=mkanat, a=mkanat
2008-09-17Bug 454892: Improve Bugzilla::CGI::clean_search_url to remove all the normal ↵mkanat%bugzilla.org1-2/+41
"default" fields Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2008-08-18Bug 428659 – Setting SSL param to 'authenticated sessions' only ↵dkl%redhat.com1-22/+19
protects logins and param doesn't protect WebService calls at all Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat