summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Util.pm
AgeCommit message (Collapse)AuthorFilesLines
2015-04-24Bug 1157395: CSRF in log in formDavid Lawrence1-2/+8
2014-11-04Bug 1093622: Backout bug 1090427 for causing: authenticated calls from bzapi ↵Byron Jones1-8/+2
are failing: 'Untrusted Authentication Request'
2014-11-04Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf for ↵David Lawrence1-2/+8
login forms
2014-09-18Bug 1068014: skip strptime() in datetime_from() if the date is in a standard ↵Byron Jones1-3/+8
format
2014-09-10Bug 1046213: datetime_from() generates wrong dates if year < 1901Frédéric Buclin1-3/+7
2014-06-16Bug 880669 - Extend current BzAPI BMO extension to contain compatibility ↵David Lawrence1-1/+7
changes on top of native rest r=glob
2014-05-29Bug 950491 - When viewing a dependency graph, an "uninitialized value" ↵David Lawrence1-1/+1
warning is thrown - Fixes BMO errors from whine.pl: Use of uninitialized value $lang in hash element at Bugzilla/Util.pm line 753. Use of uninitialized value $lang in hash element at Bugzilla/Util.pm line 766.
2014-05-12Bug 1003852: Digest::SHA 5.82 and newer always croak on wide characters, ↵Frédéric Buclin1-5/+5
preventing users with Unicode passwords from logging in
2014-04-23Add missing fix from bug 968576Byron Jones1-0/+4
2013-10-21fix breakage caused by bug 922684Byron Jones1-1/+8
2013-09-27Revert Bug 917669 - invalid or expired authentication tokens and cookies ↵Dave Lawrence1-15/+2
should throw errors, not be silently ignored
2013-09-26Bug 917669 - invalid or expired authentication tokens and cookies should ↵Dave Lawrence1-2/+15
throw errors, not be silently ignored
2013-08-29Bug 909360 - backport upstream bug 898830 to bmo/4.2 for performance ↵Dave Lawrence1-2/+6
improvement in show_bug.cgi
2013-04-22Bug 859315: lots of "Lock wait timeout exceeded" errors when updating ↵Byron Jones1-3/+3
cf_crash_signature
2012-11-26Bug 812543 - Back port patch from bug 797636 to bmo/4.2 to bring in ↵Dave Lawrence1-10/+11
performance enhancements r=glob
2012-10-16Bug 577329 - WebServices should filter email addresses same as the web UI as ↵Dave Lawrence1-1/+1
users are not always required to login
2012-10-12Bug 799257 - Backport bug 795650 and bug 797833 to bmo/4.0 and bmo/4.2 for ↵Dave Lawrence1-8/+11
performance improvement r=glob
2012-04-18Bug 728639: (CVE-2012-0465) [SECURITY] User lockout policy can be bypassed ↵Frédéric Buclin1-3/+105
by altering the X-FORWARDED-FOR header r=glob a=LpSolit
2012-03-29Bug 554819: Quicksearch should be using Text::ParseWords instead of custom ↵Frédéric Buclin1-16/+1
code in splitString Also fixes QS with accented characters (bug 730207) r=dkl a=LpSolit
2012-01-31Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email ↵Frédéric Buclin1-1/+1
addresses, which could allow an attacker to be CC'ed to private bugs by accident r=glob a=LpSolit
2011-11-19cancelled -> canceledFrédéric Buclin1-1/+1
https://bugzilla.mozilla.org/show_bug.cgi?id=703788
2011-11-19Bug 703788: Improve performance of diff_arrays() with large arraysFrédéric Buclin1-26/+29
r/a=mkanat
2011-08-05Bug 658407: Make Bugzilla not use Math::Random::Secure anymore, due to theMax Kanat-Alexander1-1/+1
difficulty of installing its dependencies. Instead move the code directly into Bugzilla itself. r=LpSolit, r=glob, a=mkanat
2011-05-30Bug 659816: Fix url_decoding of utf8 stringsByron Jones1-4/+1
r=mkanat, a=mkanat
2011-03-09revert accidental property changesByron Jones1-0/+0
2011-03-09Bug 633776: Automatic charset detection for text attachmentsByron Jones1-1/+67
r=mkanat, a=mkanat
2011-02-11Bug 620827: Refactor remove see also to use remove_from_db instead.Tiago Mello1-7/+19
r/a=mkanat
2011-01-24Bug 619594: (CVE-2010-4568) [SECURITY] Improve the randomness ofMax Kanat-Alexander1-1/+8
generate_random_password, to protect against an account compromise issue and other critical vulnerabilities. r=LpSolit, a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=621591
2011-01-04Bug 595410: Make it faster to display a bug that has a lot of dependencies.Max Kanat-Alexander1-0/+9
r=LpSolit, a=LpSolit
2010-09-30Bug 573195: Make Bug.get return all of a bug's standard and custom fieldMax Kanat-Alexander1-3/+12
information r=dkl, a=mkanat
2010-08-06Bug 466968: Remove hardcoded strings from BugMail.pm, and refactor it so ↵Frédéric Buclin1-19/+1
that bugmails are 100% localizable r/a=mkanat
2010-06-24Bug 572602: Change the way that Bugzilla::Object determines what fieldsMax Kanat-Alexander1-2/+5
are required for create(). It now assumes that any column that is NOT NULL and has not DEFAULT in the database is required. We also shift the burden of throwing errors about empty values to the validators. This fixes the bug that Bugzilla::Bug->create() wasn't populating default values for fields if they weren't specified in the create() parameters. r=timello, a=mkanat
2010-06-16A few tinderbox bustage fixes from the checkin of bug 24896.Max Kanat-Alexander1-1/+1
2010-06-16Bug 24896: Make the First/Last/Prev/Next navigation on bugs work withMax Kanat-Alexander1-1/+31
multiple buglists at once r=glob, a=mkanat
2010-04-22Bug 560009: Use firstidx from List::MoreUtils instead of lsearchMax Kanat-Alexander1-31/+1
r=timello, a=mkanat
2010-04-03Bug 556439: Prevent datetime_from from dying if it gets 0000-00-00 as aMax Kanat-Alexander1-0/+3
date from the database r=LpSolit, a=LpSolit
2010-03-14Bug 498309: Speed up show_bug.cgi when there are many comments by cachingMax Kanat-Alexander1-1/+29
field-descs globally for all template calls r=LpSolit, a=LpSolit
2010-01-05Bug 534587 - "Bugmail uses the timezone of the changee instead of the user ↵reed%reedloden.com1-2/+2
receiving the mail" [p=reed r=mkanat a=mkanat]
2009-12-31Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxiesmkanat%bugzilla.org1-1/+11
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-11-26Bug 329638: https login page switches to http on submit if ssl_redirect = ↵lpsolit%gmail.com1-1/+10
false - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
2009-11-18Bug 360626 - "ThrowTemplateError() used in Util.pm" [p=reed r=LpSolit a=LpSolit]reed%reedloden.com1-2/+4
2009-11-16Bug 528872 - "Attachments in attachments table should have CSS classes to ↵reed%reedloden.com1-2/+2
help with styling" [p=reed r=LpSolit a=LpSolit]
2009-11-10Bug 472217: Create a Bugzilla::Comment object and eliminate GetCommentsmkanat%bugzilla.org1-33/+50
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-10-24Bug 523977: Make Bugzilla::Object->check send the trimmed value to new(), ↵mkanat%bugzilla.org1-6/+3
and also be more accurate about what's "empty". This also makes detaint_natural and detaint_signed call int() on their return values. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-10-24Bug 520948: Use Bugzilla->feature and feature_enabled everywhere instead of ↵mkanat%bugzilla.org1-7/+2
checking if modules are installed Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-10-19Bug 399073: Remove the 'loginnetmask' parameter - Patch by Frédéric ↵lpsolit%gmail.com1-31/+1
Buclin <LpSolit@gmail.com> r/a=mkanat
2009-10-09Bug 514913: Eliminate ssl="authenticated sessions"mkanat%bugzilla.org1-50/+18
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-07-16Bug 476305: Clean up and merge HTML filtering code - Patch by Vitaly ↵lpsolit%gmail.com1-7/+34
Fedrushkov <vitaly.fedrushkov@gmail.com> r/a=LpSolit
2009-06-02Bug 491630: Make sure DateTime never gets fractional "seconds" in new()mkanat%bugzilla.org1-1/+2
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2009-04-11 Bug 486006 - importxml.pl must not use format_time() for deadlinesghendricks%novell.com1-2/+4
patch by ghendricks r=LpSolit a=LpSolit