Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2013-02-19 | Bug 842038: (CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an ↵ | Frédéric Buclin | 1 | -5/+9 | |
invalid page format r=glob a=LpSolit | |||||
2013-01-17 | Bug 830467: Don't call _wanted_languages() when only one is available | Frédéric Buclin | 1 | -8/+3 | |
r=glob a=LpSolit | |||||
2013-01-14 | Bug 829939: Only build default_authorizer on request | Frédéric Buclin | 1 | -1/+1 | |
r=glob a=LpSolit | |||||
2013-01-14 | Bug 829709: Do not load CSS files from all skins by default | Frédéric Buclin | 1 | -36/+13 | |
r=dkl a=LpSolit | |||||
2012-12-29 | Bug 804343: Implement autolinkification for a list of comment ids | Koosha Khajeh Moogahi | 1 | -1/+15 | |
r/a=LpSolit | |||||
2012-12-01 | Bug 787668: Use |use parent| instead of |use base| | Matt Selsky | 1 | -1/+1 | |
r/a=LpSolit | |||||
2012-11-30 | Bug 816747 - Add dummy POD for unPODded methods. | Marc Schumann | 1 | -0/+26 | |
r/a=LpSolit | |||||
2012-11-22 | Bug 811280: Adds a caching mechanism to Bugzilla::Object to avoid querying ↵ | Byron Jones | 1 | -3/+3 | |
the database repeatedly for the same information r=dkl,a=LpSolit | |||||
2012-11-16 | Bug 797636: Improve performance for buglists | Frédéric Buclin | 1 | -3/+2 | |
r=dkl a=LpSolit | |||||
2012-10-13 | Bug 213440: quoteUrls() should permit multiple bug numbers to be linkified ↵ | Koosha Khajeh Moogahi | 1 | -0/+17 | |
in comments r/a=LpSolit | |||||
2012-10-04 | Bug 797883: Adds a Bugzilla->process_cache | Byron Jones | 1 | -7/+6 | |
r=LpSolit, a=LpSolit | |||||
2012-09-01 | Bug 787529: Use |use 5.10.1| everywhere | Frédéric Buclin | 1 | -0/+1 | |
r=wicked a=LpSolit | |||||
2012-08-08 | Bug 778631: use a persistent Template::Provider to avoid recompiling ↵ | Byron Jones | 1 | -0/+14 | |
templates between page loads on mod_perl r=dkl, a=LpSolit | |||||
2012-08-07 | Backing out Bug 778631 due to breakage | Byron Jones | 1 | -10/+0 | |
2012-08-07 | Bug 778631: use a persistent Template::Provider to avoid recompiling ↵ | Byron Jones | 1 | -0/+10 | |
templates between page loads on mod_perl r=dkl, a=LpSolit | |||||
2012-07-26 | Bug 777398: (CVE-2012-1968) [SECURITY] HTML bugmail exposes information ↵ | Frédéric Buclin | 1 | -14/+18 | |
about restricted bugs r=glob a=LpSolit | |||||
2012-05-17 | Bug 752751: Perl modules that start with a protocol (eg HTTP::Header) are ↵ | Simon Green | 1 | -1/+1 | |
not escaped correctly in SAFE_URL_REGEXP r/a=LpSolit | |||||
2012-05-07 | Bug 616191: Implement UI to easily tag bugs from the bug report directly ↵ | Frédéric Buclin | 1 | -1/+3 | |
(and get rid of the current form in the footer) r=timello a=LpSolit | |||||
2012-03-01 | Bug 731562: Cache the global/user.html.tmpl template for improved performance | Frédéric Buclin | 1 | -1/+9 | |
r=dkl a=LpSolit | |||||
2012-02-29 | Bug 731175: Bugzilla::Field shouldn't assume that someone else already ↵ | Frédéric Buclin | 1 | -4/+4 | |
loaded required modules r=glob a=LpSolit | |||||
2012-02-16 | Bug 727541 - Constants in Bugzilla::WebService::Constants should be ↵ | Dave Lawrence | 1 | -3/+16 | |
available inside the templates similar to Bugzilla::Constants r/a=LpSolit | |||||
2012-01-11 | Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and ↵ | Frédéric Buclin | 1 | -29/+5 | |
add it to files which miss one r=kiko r=mkanat r=mrbball a=LpSolit | |||||
2011-10-23 | Bug 696256: global/variables.none.tmpl should be PRE_PROCESS'ed | Frédéric Buclin | 1 | -1/+1 | |
r/a=mkanat | |||||
2011-08-04 | Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment ↵ | Reed Loden | 1 | -0/+3 | |
containing newline are corrupt [r=LpSolit a=LpSolit] | |||||
2011-08-01 | Bug 634812: Having a very large number of custom fields can make displaying ↵ | Frédéric Buclin | 1 | -0/+5 | |
show_bug.cgi slow r=glob a=LpSolit | |||||
2011-07-25 | Bug 652663 - When using bug_format_comment hook some replacements can happen ↵ | David Lawrence | 1 | -2/+4 | |
more than once causing broken links r/a=LpSolit | |||||
2011-07-08 | Bug 670169 - Escape '>' in js filter | Reed Loden | 1 | -0/+1 | |
[r=LpSolit a=LpSolit] | |||||
2011-05-24 | Bug 659185: html_quote() escapes @ causing mailto links to not be processed | Frédéric Buclin | 1 | -1/+2 | |
r/a=mkanat | |||||
2011-04-28 | Bug 423612 - Allow editing extern_id for users from the admin interface | Jochen Wiedmann | 1 | -0/+1 | |
r=mkanat, a=mkanat | |||||
2011-04-21 | Bug 650593: Bugzilla crashes when the database is gone, even when ↵ | Frédéric Buclin | 1 | -3/+4 | |
shutdownhtml is set r=justdave a=LpSolit | |||||
2011-01-24 | Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking ↵ | Frédéric Buclin | 1 | -6/+21 | |
for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace and Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs r=dkl a=LpSolit | |||||
2011-01-04 | Bug 595410: Make it faster to display a bug that has a lot of dependencies. | Max Kanat-Alexander | 1 | -41/+12 | |
r=LpSolit, a=LpSolit | |||||
2010-11-04 | Bug 474766: The [details] string is duplicated when replying to a comment ↵ | Frédéric Buclin | 1 | -1/+1 | |
containing a link to an attachment r/a=mkanat | |||||
2010-10-21 | Bug 605425: Non-english templates are no longer precompiled by checksetup | Frédéric Buclin | 1 | -1/+2 | |
r/a=mkanat | |||||
2010-10-14 | Bug 602418: Add "template_cache" to bz_locations(), a way of specifying that | Max Kanat-Alexander | 1 | -10/+14 | |
cached templates should be stored somewhere else than the data directory. r=LpSolit, a=mkanat | |||||
2010-10-03 | Bug 65477: Send HTML bugmail | Guy Pyrzak | 1 | -1/+5 | |
r=mkanat, a=mkanat | |||||
2010-09-28 | Bug 595380: Add a ?mtime string to all of the manually-inserted | Max Kanat-Alexander | 1 | -1/+1 | |
<script src> and <link href> tags in Bugzilla r=glob, a=mkanat | |||||
2010-09-19 | Bug 586244: Make mod_headers and mod_expires optional | Max Kanat-Alexander | 1 | -8/+14 | |
r=glob, a=mkanat | |||||
2010-08-10 | Bug 585490: Instead of hardcoding <i> for UNCONFIRMED bug links, use | Christian Legnitto | 1 | -6/+9 | |
a CSS class. r=mkanat, a=mkanat | |||||
2010-08-06 | Bug 466968: Remove hardcoded strings from BugMail.pm, and refactor it so ↵ | Frédéric Buclin | 1 | -0/+43 | |
that bugmails are 100% localizable r/a=mkanat | |||||
2010-08-05 | Bug 583690: (CVE-2010-2759) [SECURITY][PostgreSQL] Bugzilla crashes when ↵ | Frédéric Buclin | 1 | -12/+6 | |
viewing a bug if a comment contains 'bug <num>' or 'attachment <num>' where <num> is greater than the max allowed integer r=mkanat a=LpSolit | |||||
2010-08-04 | Bug 584021: FILTER txt should also remove | Frédéric Buclin | 1 | -0/+2 | |
r/a=mkanat | |||||
2010-07-23 | Bug 398701: Replace |FILTER url_quote| by |FILTER uri| | Frédéric Buclin | 1 | -6/+0 | |
r/a=mkanat | |||||
2010-07-21 | Bug 428313: Properly expire the browser's CSS and JS cache when there | Max Kanat-Alexander | 1 | -0/+120 | |
are new versions of those files. This also eliminates single-file skins and should also allow Extensions to have skins. r=glob, a=mkanat | |||||
2010-07-09 | Bug 576670: Optimize Search.pm's "init" method for being called many times | Max Kanat-Alexander | 1 | -2/+2 | |
in a loop r=glob, a=mkanat | |||||
2010-07-06 | Bug 554964 - Show if a user is a "Default CC" under the Product ↵ | Reed Loden | 1 | -2/+10 | |
Responsibilities section of editusers.cgi. [r=mkanat a=mkanat] | |||||
2010-07-05 | Bug 455810 - Add autocomplete support to the keywords field | Reed Loden | 1 | -0/+3 | |
* Special thanks to Guy Pyrzak for the original patch [r=mkanat a=mkanat] | |||||
2010-07-01 | Bug 545766: Figure out what columns can be reported on from the database, | Max Kanat-Alexander | 1 | -0/+3 | |
instead of from a static list r=glob, a=mkanat | |||||
2010-06-16 | Bug 24896: Make the First/Last/Prev/Next navigation on bugs work with | Max Kanat-Alexander | 1 | -9/+0 | |
multiple buglists at once r=glob, a=mkanat | |||||
2010-05-19 | Bug 565899: Make the html_linebreak filter safe by having it first call the | Max Kanat-Alexander | 1 | -0/+1 | |
"html" filter r=LpSolit, a=LpSolit |