summaryrefslogtreecommitdiffstats
path: root/Bugzilla/CGI.pm
AgeCommit message (Collapse)AuthorFilesLines
2018-03-08Bug 1441903 - Cleanup Makefile.PLDylan William Hardison1-22/+15
2018-03-05Backport 1136125 to bmo - Reduce memory usage of Bugzilla::CGI->send_cookie()Dylan William Hardison1-17/+2
2018-03-04Bug 1443003 - Port bug 1175211 to Harmony branch (Undefined subroutine ↵Dylan William Hardison1-1/+1
&Bugzilla::CGI::SERVER_PUSH)
2018-02-22Bug 1440107 - Allow 'self' frames in bug modal again (fix socorro lens)Dylan William Hardison1-1/+1
2018-02-21Bug 1439797 - Enable reporting-only CSP by defaultDylan William Hardison1-9/+7
2018-02-20Bug 1432296 - Prevent bugzilla static assets from being blocked by overly ↵Dylan William Hardison1-3/+13
long request URIs
2018-02-16Bug 1433400 (CVE-2018-5123) Prevent cross-site image requests from leaking ↵Dylan William Hardison1-0/+65
contents of certain fields due to regex search
2018-01-24Bug 1432812 - Send preload headers only for web-browser requestsDylan William Hardison1-9/+11
2018-01-12Bug 1426414 - Send preload headers for webfontsMarkus Staab1-0/+10
2018-01-03Bug 1427656 - Remove ZeroClipboard helperKohei Yoshino1-1/+0
2017-12-16Bug 1403777 - Migrate urlbase from params to localconfigDylan William Hardison1-16/+15
2017-11-28Bug 1379607 - Reimplement Google Analytics on bugzilla.mozilla.orgKohei Yoshino1-4/+4
2017-07-07Bug 1377933 - Remove trailing whitespace from all perl filesDylan William Hardison1-16/+16
2017-07-07Bug 1377232 - Revert code from bug 1361890Dylan William Hardison1-9/+1
2017-06-23Bug 1361890 - Fix problems with current js and css concatenationDylan William Hardison1-1/+9
2017-02-06Bug 1336387 - CSP breaks GitHubAuth on index and bug modal pagesDylan William Hardison1-15/+22
2017-01-31Bug 1335362 - CSP regression: MozReview requests section is broken ("Error ↵David Lawrence1-0/+6
loading review requests: unknown")
2017-01-26Bug 1334158 - Lightbox images CSP error on bug modalDylan William Hardison1-1/+10
2017-01-25Bug 1286290 - CSP compliant bug modalDylan William Hardison1-8/+38
2016-11-15Revert "Bug 1314201 - ThrowUserError and ThrowCodeError should print headers ↵Dylan William Hardison1-19/+4
if headers have not already been printed" This reverts commit 874e96c2423c772564c9dc63254baa99e86f270b.
2016-11-12Bug 1314201 - ThrowUserError and ThrowCodeError should print headers if ↵Dylan William Hardison1-4/+19
headers have not already been printed
2016-10-06Bug 1293689 - Bring Bugzilla::CGI::ContentSecurityPolicy to BMO (Backport ↵Dylan William Hardison1-10/+78
Bug 1286287)
2016-09-13Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵Dylan William Hardison1-21/+10
local symlink to data/ directory
2016-09-12Revert "Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to ↵Dylan William Hardison1-10/+21
bmo/master + local symlink to data/ directory" This reverts commit e6bf4cacb10f86077fe898349485f5c7ab9fb4b6.
2016-09-12Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵Dylan William Hardison1-21/+10
local symlink to data/ directory
2015-12-01Bug 1229198 - When saving a buglist from a saved search as a CSV file, set ↵Byron Jones1-5/+4
the filename to <saved-query-name>.csv
2015-11-25Bug 1227866 - infinite loop consuming resources when PATH_INFO setByron Jones ‹:glob›1-1/+9
2015-11-05Bug 1196743 - Fix information disclosure vulnerability that allows attacker ↵Dylan Hardison1-0/+28
to obtain victim's GitHub OAuth return code
2015-06-03Bug 1170414: Redirection loop in *.cgi when path-info is presentByron Jones1-1/+5
2015-04-24Bug 1157395: CSRF in log in formDavid Lawrence1-0/+13
2014-11-04Bug 1093622: Backout bug 1090427 for causing: authenticated calls from bzapi ↵Byron Jones1-13/+0
are failing: 'Untrusted Authentication Request'
2014-11-04Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf for ↵David Lawrence1-0/+13
login forms
2014-07-21Bug 1041559: "Please wait while your bugs are retrieved" shown above menu ↵Byron Jones1-0/+15
header for search error pages
2014-07-10Bug 1032323: canonicalise_query() should omit parameters with empty values ↵Ed Morley1-2/+5
so generated URLs are shorter
2014-06-18Bug 1026863: buglist.cgi enters in an infinite loop if called without ↵Frédéric Buclin1-0/+4
arguments and the user is logged in
2013-09-30Bug 922246 - backport upstream bug 851267 to bmo/4.2 for performance ↵Dave Lawrence1-4/+4
improvement with large number of votes
2013-08-12Bug 894878 - CSV output template for request queues has gone awayDave Lawrence1-0/+25
r=glob
2013-08-09Bug 903514 - Backport upstream bug 569177 for etag support to bmo/4.2Dave Lawrence1-0/+20
2013-07-15Bug 892601 - Port over upstream native REST patch (bug 866927) to bmo/4.2Dave Lawrence1-1/+1
r=glob
2012-09-09Merge from bugzilla/4.2Reed Loden1-0/+4
2012-09-09Bug 671612: Send "X-Content-Type-Options: nosniff" with every responseMatt Selsky1-0/+4
r/a=LpSolit
2012-08-31Merge from bugzilla/4.2Reed Loden1-1/+11
2012-08-29Fix more bustage caused by Bug 772953Byron Jones1-4/+6
2012-08-29Fix bustage caused by Bug 772953Byron Jones1-1/+4
2012-08-28Bug 772953: Remove the token from buglist urlsByron Jones1-0/+5
r=dkl, a=LpSolit
2012-08-15Bug 779088 - Allow extensions to whitelist PATH_INFODave Lawrence1-1/+12
2012-08-15Bug 771100: Unable to attach a file to a bug with perl 5.16Frédéric Buclin1-1/+1
r=dkl a=LpSolit
2011-11-21Bug 680771 - Send X-XSS-Protection header for XSS prevention/blockingDave Lawrence1-0/+4
r=mkanat, approved for trunk=LpSolit
2011-05-31Bug 647649: Change the old "Boolean Charts" UI into the new AND/ORMax Kanat-Alexander1-3/+12
"Custom Search" UI. r=timello, a=mkanat
2011-05-29Bug 655847: Accessing buglist.cgi throws: Use of inherited AUTOLOAD for ↵Frédéric Buclin1-9/+1
non-method Bugzilla::CGI::SERVER_PUSH() is deprecated at Bugzilla/CGI.pm line 233 r/a=mkanat