| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2013-10-16 | Bug 913904: (CVE-2013-1734) [SECURITY] CSRF when updating attachments | Frédéric Buclin | 1 | -8/+11 | |
| r=dkl a=sgreen | |||||
| 2012-09-09 | Bug 671612: Send "X-Content-Type-Options: nosniff" with every response | Matt Selsky | 1 | -2/+1 | |
| r/a=LpSolit | |||||
| 2011-11-21 | Bug 703983 - CSRF vulnerability in attachment.cgi allows possible ↵ | Reed Loden | 1 | -28/+5 | |
| unauthorized attachment creation [r=LpSolit a=LpSolit] | |||||
| 2011-08-04 | Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause ↵ | Byron Jones | 1 | -30/+99 | |
| XSS on this domain in IE 6-8 and Safari r/a=LpSolit | |||||
| 2011-04-28 | Bug 653404: Misleading error message when file to be attached is not ↵ | Frédéric Buclin | 1 | -1/+4 | |
| readable by browser r/a=LpSolit | |||||
| 2011-03-09 | Bug 633776: Automatic charset detection for text attachments | Byron Jones | 1 | -1/+7 | |
| r=mkanat, a=mkanat | |||||
| 2010-10-26 | Bug 607361: Creating an attachment without a "comment" param in the URL ↵ | Frédéric Buclin | 1 | -1/+2 | |
| causes an internal error a=LpSolit | |||||
| 2010-10-03 | Bug 414509: offer View All (non obsolete) attachments | Guy Pyrzak | 1 | -0/+5 | |
| r=LpSolit, a=LpSolit | |||||
| 2010-08-04 | Bug 584110: Don't name attachment files "attachment.txt" by default, because ↵ | Frédéric Buclin | 1 | -1/+1 | |
| this confuses IE a=LpSolit | |||||
| 2010-08-03 | Bug 453425 - Send "X-Content-Type-Options: nosniff" header when displaying ↵ | Reed Loden | 1 | -1/+2 | |
| attachments so IE8 doesn't try to sniff the content type. [r=LpSolit a=LpSolit] | |||||
| 2010-07-18 | Bug 119703: Create an attachment by pasting it into a text field | Frédéric Buclin | 1 | -3/+2 | |
| r/a=mkanat | |||||
| 2010-07-08 | Bug 490930: Always store attachments locally if they are over X size (and ↵ | Frédéric Buclin | 1 | -1/+0 | |
| below some threshold!), don't ever display "Big File" checkbox r=mkanat a=LpSolit | |||||
| 2010-06-03 | Bug 567846: Modify set_status, set_resolution, and set_dup_id to use | Max Kanat-Alexander | 1 | -1/+1 | |
| VALIDATOR_DEPENDENCIES, so that they don't need custom code in set_all. | |||||
| 2010-05-20 | Bug 565879: Merge ThrowCodeError("action_unrecognized"), ↵ | Frédéric Buclin | 1 | -1/+1 | |
| ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") r=ghendricks a=LpSolit | |||||
| 2010-05-17 | Bug 560281: Do not display deleted attachments in "View All" | Frédéric Buclin | 1 | -0/+2 | |
| a=LpSolit | |||||
| 2010-05-07 | Bug 395451 - "Bugzilla::BugMail needs to use Bug objects internally instead ↵ | Reed Loden | 1 | -3/+3 | |
| of direct SQL" [r=mkanat a=mkanat] | |||||
| 2010-04-22 | Bug 560009: Use firstidx from List::MoreUtils instead of lsearch | Max Kanat-Alexander | 1 | -4/+2 | |
| r=timello, a=mkanat | |||||
| 2010-04-06 | Bug 556429: Stop sending bugmail from inside the template | Max Kanat-Alexander | 1 | -4/+9 | |
| r=LpSolit, a=LpSolit | |||||
| 2010-03-28 | Bug 365926: Serve attachments without an explicit charset, and let the browser | Max Kanat-Alexander | 1 | -0/+8 | |
| decide which charset to use r=LpSolit, a=LpSolit | |||||
| 2009-12-30 | Bug 532518: Credentials are not checked correctly when viewing one ↵ | lpsolit%gmail.com | 1 | -21/+28 | |
| attachment from another bug's alternate host - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit | |||||
| 2009-12-18 | Bug 162060: Remove the relationship between "votestoconfirm" and whether or ↵ | mkanat%bugzilla.org | 1 | -1/+2 | |
| not the UNCONFIRMED status is available, by adding a checkbox to enable the UNCONFIRMED status in editproducts.cgi. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
| 2009-12-13 | Bug 526734: Allow localization of the "From update of attachment" string in ↵ | mkanat%bugzilla.org | 1 | -7/+5 | |
| comments Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
| 2009-12-04 | Bug 452919: Allow the "created an attachment" message in comments to be ↵ | mkanat%bugzilla.org | 1 | -5/+4 | |
| localized Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
| 2009-10-24 | Bug 523495: Re-work attachment.cgi and the general attachment_base-checking ↵ | mkanat%bugzilla.org | 1 | -11/+12 | |
| code to prevent an infinite redirect loop when ssl_redirect is on and Bugzilla has an attachment_base set. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
| 2009-10-01 | Bug 509053: Implement Bugzilla->feature (feature_enabled in the templates), ↵ | mkanat%bugzilla.org | 1 | -6/+0 | |
| and use it to detect when PatchReader is available. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
| 2009-09-30 | Bug 328628: When attachments have UTF-8 characters in their name, they will ↵ | mkanat%bugzilla.org | 1 | -0/+7 | |
| now be downloaded with the correct name. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=Wurblzap, a=mkanat | |||||
| 2009-09-28 | Bug 140999: Users without edit permissions for an attachment should still be ↵ | lpsolit%gmail.com | 1 | -37/+45 | |
| able to make comments - Patch by Frédéric Buclin <LpSolit@gmail.com> a=LpSolit | |||||
| 2009-08-11 | Bug 509045: Make "use_keywords" a global template variable instead of having ↵ | mkanat%bugzilla.org | 1 | -3/+0 | |
| to pass it to templates all the time Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
| 2009-08-06 | Bug 305993: The requestee field may be omitted even when a requestee is ↵ | lpsolit%gmail.com | 1 | -2/+8 | |
| already set - Patch by Frédéric Buclin <LpSolit@gmail.com> a=LpSolit | |||||
| 2009-08-05 | Bug 415541: Implement $bug->set_flags() and $attachment->set_flags() - Patch ↵ | lpsolit%gmail.com | 1 | -34/+15 | |
| by Frédéric Buclin <LpSolit@gmail.com> a=LpSolit | |||||
| 2009-04-15 | Bug 486685: MIME type override for attachments lost in HTTP redirect - Patch ↵ | lpsolit%gmail.com | 1 | -0/+4 | |
| by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit | |||||
| 2009-04-09 | Bug 454251: Implement Bugzilla::Attachment->create() and ↵ | lpsolit%gmail.com | 1 | -148/+85 | |
| $attachment->update() - Patch by Frédéric Buclin <LpSolit@gmail.com> a=LpSolit (module owner) | |||||
| 2009-03-31 | Bug 477420 - "Rename some of the token names used in attachment.cgi" [p=reed ↵ | reed%reedloden.com | 1 | -6/+6 | |
| r=LpSolit a=LpSolit] | |||||
| 2009-03-30 | Bug 476603 - "[SECURITY] Editing attachments doesn't have any CSRF ↵ | reed%reedloden.com | 1 | -0/+9 | |
| protection" [p=reed r=LpSolit a=LpSolit] | |||||
| 2009-02-02 | Bug 472206: [SECURITY] Bugzilla should optionally not allow the user to view ↵ | lpsolit%gmail.com | 1 | -1/+3 | |
| possibly harmful attachments - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=justdave a=LpSolit | |||||
| 2009-02-02 | Bug 38862: [SECURITY] attachments should be at a different hostname - Patch ↵ | lpsolit%gmail.com | 1 | -9/+95 | |
| by Byron Jones <bugzilla@glob.com.au> and Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit | |||||
| 2008-12-17 | Bug 467171: Editing attachments doesn't update the Last-Modified bug ↵ | lpsolit%gmail.com | 1 | -0/+13 | |
| timestamp - Patch by A.A. Shimono <shimono@mozilla.gr.jp> r/a=LpSolit | |||||
| 2008-09-18 | Bug 452734: Remove the keyword chooser, because it's a usability regression | mkanat%bugzilla.org | 1 | -3/+0 | |
| Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat | |||||
| 2008-09-09 | Bug 388251: Implement 'new Bugzilla::Attachment' - Patch by Frédéric ↵ | lpsolit%gmail.com | 1 | -5/+4 | |
| Buclin <LpSolit@gmail.com> a=LpSolit | |||||
| 2008-09-08 | Bug 453743: Decrease the number of calls to the DB about flags when viewing ↵ | lpsolit%gmail.com | 1 | -19/+1 | |
| a bug - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat | |||||
| 2008-06-30 | Bug 440612 â Use Bugzilla::Bug->check everywhere instead of ValidateBugID | mkanat%bugzilla.org | 1 | -11/+10 | |
| Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
| 2008-06-28 | Bug 422691 â Attachment gets added twice after hitting "Back" and "Refresh" | dkl%redhat.com | 1 | -0/+31 | |
| Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit | |||||
| 2008-04-03 | Bug 410902: Some characters are mangled in diff and interdiff modes when ↵ | lpsolit%gmail.com | 1 | -3/+1 | |
| viewing patches - Patch by Frédéric Buclin <LpSolit@gmail.com> r=shimono, r=mkanat a=LpSolit | |||||
| 2008-02-05 | Bug 414604: After inserting/editing/deleting an attachment, the Keywords ↵ | lpsolit%gmail.com | 1 | -0/+7 | |
| field is unavailable - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks r=mkanat a=mkanat | |||||
| 2008-02-04 | Bug 415155: Remove $cgi from the list of arguments when calling ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
| Bugzilla::Flag subroutines - Patch by Frédéric Buclin <LpSolit@gmail.com> a=LpSolit | |||||
| 2008-02-04 | Bug 413772: Eliminate sqlify_criteria() in Bugzilla::Flag and replace ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
| match() there with Bugzilla::Object::match() - Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r/a=LpSolit | |||||
| 2008-01-21 | Bug 373281: Remove AppendComment entirely in favor of ↵ | lpsolit%gmail.com | 1 | -31/+33 | |
| Bugzilla::Bug->add_comment - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat | |||||
| 2008-01-20 | Bug 413222: Implement $attachment->remove_from_db - Patch by Frédéric ↵ | lpsolit%gmail.com | 1 | -9/+1 | |
| Buclin <LpSolit@gmail.com> a=LpSolit | |||||
| 2008-01-06 | Bug 408446: Non-text attachments were mangled by "binmode STDOUT, ':utf8'" | mkanat%bugzilla.org | 1 | -0/+3 | |
| Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat | |||||
| 2007-11-30 | Bug 99215: Attachments have no midair collision protection - Patch by ↵ | lpsolit%gmail.com | 1 | -2/+24 | |
| Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=justdave a=justdave | |||||
 |
index : bugzilla | |
| Bugzilla | Florian Pritz |
| summaryrefslogtreecommitdiffstats |
path: root/attachment.cgi