summaryrefslogtreecommitdiffstats
path: root/Bugzilla/WebService/Server
AgeCommit message (Collapse)AuthorFilesLines
2016-10-14Bug 1309737 - Add User-Agent to the Access-Control-Allow-Headers headerKohei Yoshino1-1/+1
2016-09-13Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵Dylan William Hardison8-38/+23
local symlink to data/ directory
2016-09-12Revert "Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to ↵Dylan William Hardison8-23/+38
bmo/master + local symlink to data/ directory" This reverts commit e6bf4cacb10f86077fe898349485f5c7ab9fb4b6.
2016-09-12Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵Dylan William Hardison8-38/+23
local symlink to data/ directory
2016-03-03Bug 1253032 - Recent change to JSON::XS breaks some APIsDylan Hardison1-0/+1
2015-09-24Bug 1204683: Add whoami endpointDavid Lawrence1-0/+5
2015-09-01Bug 1197073 - add support for 2fa using totp (eg. google authenticator)Byron Jones1-1/+9
2015-08-21Bug 1195645 - don't create a new session for every authenticated REST/BzAPI callByron Jones1-0/+7
2015-08-11Bug 1184332 - Add Restricted API calls for MozReviewDylan William Hardison1-0/+1
2015-05-12Bug 1146770: implement comment previewByron Jones1-1/+6
2015-04-14Bug 1031035: fix broken XMLRPCByron Jones1-1/+2
2015-04-13Bug 1031035: xmlrpc can be DoS'd with billion laughs attackByron Jones1-0/+8
2015-03-16Bug 1142399: invalid xmlrpc requests warns: Use of uninitialized value $file ↵Byron Jones1-0/+3
in substitution (s///) (Bugzilla/WebService/Server/XMLRPC.pm:114)
2015-03-11Bug 1141440: OPTION response for CORS requests to REST doesn't allow ↵David Lawrence1-1/+1
X-Bugzilla headers - Fixed a new hash constant error that did not fail locally due to Perl version difference
2015-03-11Bug 1141440: OPTION response for CORS requests to REST doesn't allow ↵David Lawrence1-2/+7
X-Bugzilla headers - Fixed t/001compile.t error due to tr///r only for 5.14+
2015-03-11Bug 1141440 - OPTION response for CORS requests to REST doesn't allow ↵David Lawrence1-10/+2
X-Bugzilla headers
2015-03-10Bug 1141440: OPTION response for CORS requests to REST doesn't allow ↵David Lawrence1-1/+11
X-Bugzilla headers
2015-03-09Bug 1140458: backport upstream bug 1139755 to bmo/master to allow API ↵David Lawrence2-2/+2
authentication with X-Headers
2015-03-09Bug 1140966: backport bug 1139257 to bmo (allow cookie+api-token GET REST ↵Byron Jones1-23/+0
requests)
2015-01-27Bug 1124437: Backport upstream bug 1090275 to bmo/4.2 to whitelist ↵Byron Jones2-0/+17
webservice api methods
2014-12-22Bug 1098291: OPTION response for CORS requests to REST doesn't allow ↵David Lawrence1-1/+1
X-Requested-With r=glob,a=glob
2014-11-14Bug 1097813: backport upstream bug 1001462 to bmo/4.2 to fix issue with ↵David Lawrence1-0/+7
using tokens with webservice rest api
2014-11-13Bug 1096565: backport bug 1088253 to bmo/4.2 to allow arbitrary URL params ↵David Lawrence1-8/+29
to be passed to REST API calls
2014-11-04Bug 1093600: Backout Bug 1088253 for breaking comment addingByron Jones1-21/+12
2014-10-30Bug 1088253: GET REST calls should allow arbitrary URL parameters to be ↵David Lawrence2-12/+26
passed in addition the values in the path r=glob,a=glob
2014-10-09Bug 1079476: Backport upstream bug 1014345 and bug 658485 to bmo/4.2 to ↵David Lawrence1-0/+11
allow getting and updating groups
2014-07-10Bug 1036225: Return a link to the REST documentation in "method not found" ↵David Lawrence1-0/+1
errors
2014-07-09Bug 1036213: fix jsonrpc.cgi callbackReed Loden1-1/+3
2014-06-16Bug 880669 - Extend current BzAPI BMO extension to contain compatibility ↵David Lawrence1-7/+19
changes on top of native rest r=glob
2014-06-03Bug 1000917: Backport upstream bug 489028 to bmo/4.2 to allow user last ↵Dylan William Hardison [:dylan]2-0/+53
visit searching
2014-04-28Bug 1000913 - Backport upstream bug 540818 to bmo/4.2 to improve ↵David Lawrence1-9/+0
include_fields and exclude_fields to accept _default, _all and _custom keywords r=glob
2014-02-25Bug 976765 - backport upstream bug 972881 to bmo/4.2 to add hooks to ↵Dave Lawrence1-3/+12
Bugzilla/WebService/Server/REST.pm
2014-02-05Bug 968482 - backport bug 966277 to bmo/4.2 to set default content type if ↵Dave Lawrence1-1/+7
no accept header provided
2014-01-01Bug 918384 - backport upstream bug 756048 to bmo/4.2 to allow setting ↵Dave Lawrence1-1/+17
bug/attachment flags using the webservices
2013-12-10Bug 942725: backport bug 793963 to bmo (add the ability to tag comments with ↵Byron Jones1-0/+16
arbitrary tags)
2013-09-27Bug 915685 - backport upstream bug 914986 and bug 917483 to bmo/4.2 for ↵Dave Lawrence1-0/+6
allowing attachment metadata editing in webservice API
2013-09-17Bug 916935 - Add Access-Control-Allow-Headers to REST API to indicate which ↵Dave Lawrence1-0/+1
HTTP headers can be used when making the request
2013-09-13Bug 909442 - backport upstream bug 908338 to bmo/4.2 to add User.valid_login ↵Dave Lawrence1-0/+5
webservice method
2013-08-29Bug 909634 - backport upstream bug 893195 to bmo/4.2 for token auth support ↵Dave Lawrence3-17/+37
in webservices
2013-08-21Bug 907245 - Allow for URL params to also be passed with POST/PUT REST API ↵Dave Lawrence1-0/+11
requests
2013-08-09Bug 903514 - Backport upstream bug 569177 for etag support to bmo/4.2Dave Lawrence3-8/+52
2013-07-23Bug 897093 - Port the upstream Product.get webservice changes (bug 896066) ↵Dave Lawrence1-9/+16
to bmo/4.2
2013-07-23merged with bugzilla/4.2Dave Lawrence1-2/+10
2013-07-15Bug 892601 - Port over upstream native REST patch (bug 866927) to bmo/4.2Dave Lawrence7-0/+1083
r=glob
2013-07-15Bug 787328 - xmlrpc.cgi doesn't send any security-related headersDave Lawrence1-2/+10
r=glob,a=justdave
2012-10-16Bug 577329 - WebServices should filter email addresses same as the web UI as ↵Dave Lawrence2-1/+11
users are not always required to login
2012-02-29Bug 731219: Fix XMLRPC breakage when content-type contains a charsetByron Jones1-1/+4
r=dkl, a=LpSolit
2012-02-22Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC ↵Dave Lawrence1-0/+8
API when using mod_perl r/a=LpSolit
2012-02-15Bug 724464 - JSON-RPC support shouldn't require SOAP::LiteDave Lawrence1-0/+14
r/a=LpSolit
2012-01-31(CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can ↵Frédéric Buclin1-1/+13
lead to CSRF (no victim's action required) r=mkanat a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=718319