Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2013-02-19 | Bug 824399: (CVE-2013-0786) [SECURITY] build_subselect() leaks the existence ↵ | Simon Green | 1 | -1/+4 | |
of products and components you cannot access r/a=LpSolit | |||||
2012-09-17 | Bug 761046: Don't redirect when hitting buglist.cgi directly to avoid ↵ | Byron Jones | 1 | -1/+0 | |
duplicate cgi->header calls r=LpSolit, a=LpSolit | |||||
2012-08-29 | Bug 786310: Remove tokens when saving the default query | Byron Jones | 1 | -0/+2 | |
r= LpSolit, a=LpSolit | |||||
2012-08-28 | Bug 772953: Remove the token from buglist urls | Byron Jones | 1 | -1/+2 | |
r=dkl, a=LpSolit | |||||
2012-08-20 | Bug 698068: The "There is no saved search named ..." page has a "forget" link | Frédéric Buclin | 1 | -1/+1 | |
r=glob a=LpSolit | |||||
2012-06-27 | Bug 768870: The "Un-forget the search" link has no token | Frédéric Buclin | 1 | -1/+3 | |
r=glob a=LpSolit | |||||
2012-05-29 | Bug 754672 - CSRF vulnerability in buglist.cgi allows possible unauthorized ↵ | Reed Loden | 1 | -0/+2 | |
setting of default search options [r=LpSolit a=LpSolit] | |||||
2012-04-18 | Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits ↵ | Frédéric Buclin | 1 | -10/+0 | |
attackers to access all bugs that the victim can see r=glob a=LpSolit | |||||
2012-04-17 | Bug 745320: Shared queries do not work when tags are part of the query | Frédéric Buclin | 1 | -4/+9 | |
r=dkl a=LpSolit | |||||
2011-12-09 | Bug 644281: When the sort order of a buglist is modified, the "Show next bug ↵ | Frédéric Buclin | 1 | -18/+13 | |
in my list" user pref still uses the original sort order to decide which bug to display next r=glob a=LpSolit | |||||
2011-11-26 | Bug 255606: Do not let buglist.cgi return all bugs by default | Frédéric Buclin | 1 | -1/+1 | |
r/a=mkanat | |||||
2011-08-17 | Bug 678357: Fix 'limit' parameter in the saved searches results | Tiago Mello | 1 | -1/+1 | |
r/a=mkanat | |||||
2011-05-31 | Bug 647649: Change the old "Boolean Charts" UI into the new AND/OR | Max Kanat-Alexander | 1 | -13/+0 | |
"Custom Search" UI. r=timello, a=mkanat | |||||
2011-03-02 | Bug 632718: Only return 500 search results unless the user specifically | Max Kanat-Alexander | 1 | -0/+11 | |
requests to see more. r=dkl, a=mkanat | |||||
2011-02-14 | Bug 480044: Use dashes instead of colons to separate bug IDs in the BUGLIST ↵ | Frédéric Buclin | 1 | -1/+1 | |
cookie, because colons are HTML-escaped, making the cookie bigger than the 4k limit r=mkanat a=LpSolit | |||||
2011-02-14 | Bug 417551: Make it possible for CSV headers to be the field description | Michael J Tosh | 1 | -0/+4 | |
instead of the field name, and have the buglist.cgi link give you CSV like this by default. r=mkanat, a=mkanat | |||||
2011-02-12 | Bug 535571: Allow Search.pm to accept "limit" and "offset" as parameters. | Max Kanat-Alexander | 1 | -12/+4 | |
r=mkanat, a=mkanat (module owner) | |||||
2011-01-30 | Bug 616185: Move tags (aka lists of bugs) to their own DB tables | Frédéric Buclin | 1 | -90/+35 | |
r/a=mkanat | |||||
2011-01-07 | Bug 621090 - [SECURITY] Adding saved searches lacks CSRF protection | David Lawrence | 1 | -0/+2 | |
r/a=mkanat | |||||
2010-12-27 | Bug 615574: Make every search done by buglist.cgi create a list_id, so that | Max Kanat-Alexander | 1 | -23/+1 | |
even Saved Searches get "last list" support. r=LpSolit, a=LpSolit | |||||
2010-08-31 | Bug 77193 - Add the ability to retire (disable) old versions, components and ↵ | Dave Lawrence | 1 | -4/+4 | |
milestones r/a=mkanat | |||||
2010-08-02 | Bug 581622: When a quicksearch includes the "content" field, it is limited ↵ | Frédéric Buclin | 1 | -1/+0 | |
to 200 bugs r/a=mkanat | |||||
2010-07-16 | Bug 398308: Make Search.pm take a hashref for its "params" argument | Max Kanat-Alexander | 1 | -1/+1 | |
instead of taking a CGI object. r=mkanat, a=mkanat (module owner) | |||||
2010-07-15 | Bug 577800: Finish the cleanup of Search.pm's "init" function by removing | Max Kanat-Alexander | 1 | -1/+1 | |
it and having its work be done by a new "sql" accessor instead. Also adds some comments, moves functions around into sections, and creates a new _user accessor. r=mkanat, a=mkanat (module owner) | |||||
2010-06-16 | Bug 24896: Make the First/Last/Prev/Next navigation on bugs work with | Max Kanat-Alexander | 1 | -33/+40 | |
multiple buglists at once r=glob, a=mkanat | |||||
2010-05-20 | Bug 565879: Merge ThrowCodeError("action_unrecognized"), ↵ | Frédéric Buclin | 1 | -1/+1 | |
ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") r=ghendricks a=LpSolit | |||||
2010-05-12 | Bug 486050: Bugzilla should prefill quicksearch box when showing search ↵ | David Lawrence | 1 | -0/+3 | |
results from a quicksearch r/a=mkanat | |||||
2010-04-22 | Bug 560009: Use firstidx from List::MoreUtils instead of lsearch | Max Kanat-Alexander | 1 | -7/+7 | |
r=timello, a=mkanat | |||||
2010-03-03 | Bug 513989 - large search query causing internal server error (500) but ↵ | Dave Lawrence | 1 | -3/+5 | |
valid redirect 302 returned r=mkanat, a=mkanat | |||||
2010-03-02 | Bug 286041 - Allow people to undo "forget search" | Kent Rogers | 1 | -5/+4 | |
r=mkanat, a=mkanat | |||||
2010-02-28 | Bug 537834 - "Buglist results using atom ctype do not display users with ↵ | Reed Loden | 1 | -0/+2 | |
empty real names" [r=LpSolit a=LpSolit] | |||||
2010-02-16 | Bug 372979: Make voting into an extension | Max Kanat-Alexander | 1 | -18/+0 | |
r=mkanat, a=mkanat, a=LpSolit | |||||
2010-01-06 | Bug 535675: Typing +foo in the QuickSearch box throws an "uninitialized ↵ | lpsolit%gmail.com | 1 | -1/+3 | |
value" warning (missing 'order' parameter) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit | |||||
2009-11-10 | Bug 505039: Use $user->is_timetracker instead of ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
$user->in_group(Bugzilla->params->{'timetrackinggroup'}) - Patch by XqueZme <xquezme@gmail.com> r/a=LpSolit | |||||
2009-11-03 | Bug 526271: Uninitialized value in can_enter_product() due to a missing ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
argument - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit | |||||
2009-10-29 | Bug 524234: When there are no search results, include helpful links | mkanat%bugzilla.org | 1 | -16/+29 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat | |||||
2009-10-26 | Bug 524395: Boolean charts And, Or, "add another chart" buttons do no work ↵ | lpsolit%gmail.com | 1 | -12/+13 | |
with JS turned off - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat | |||||
2009-08-21 | Bug 449705: Make buglist.cgi's LookupNamedQuery use Bugzilla::Search::Saved | mkanat%bugzilla.org | 1 | -52/+13 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-08-11 | Bug 509045: Make "use_keywords" a global template variable instead of having ↵ | mkanat%bugzilla.org | 1 | -5/+8 | |
to pass it to templates all the time Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-07-07 | Bug 491467: Make Search.pm and buglist.cgi consistently take column ids for ↵ | mkanat%bugzilla.org | 1 | -156/+36 | |
the "fields" and "order" arguments, to prevent problems with using SQL fragments in the order and columnlist. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=wicked, a=mkanat | |||||
2009-07-07 | Bug 502641: Fix various problems that would occur when you would log in from ↵ | mkanat%bugzilla.org | 1 | -11/+11 | |
buglist.cgi Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-05-25 | Bug 494643: Do not pass the same columns twice to the SQL query - Patch by ↵ | lpsolit%gmail.com | 1 | -2/+4 | |
Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit | |||||
2009-05-25 | Bug 494369: Do not throw an error if the 'order' parameter contains invalid ↵ | lpsolit%gmail.com | 1 | -12/+7 | |
columns for buglists - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit | |||||
2009-05-22 | Back out bug 441496: it breaks Safari and Google Chrome | lpsolit%gmail.com | 1 | -7/+4 | |
2009-05-14 | Bug 290631 - iCalendar export should include priority | bbaetz%acm.org | 1 | -0/+11 | |
r/a=mkanat | |||||
2009-05-06 | Bug 491679: Do not store the buglist sort order of shared saved searches in ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
cookies - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit | |||||
2009-03-06 | Remove the unused 'unconfirmedstate' variable (as mentioned in the release ↵ | lpsolit%gmail.com | 1 | -2/+0 | |
notes for Bugzilla 2.20) - r=mkanat on IRC | |||||
2009-02-05 | Bug 476943 - Edit multiple issues token after switching to shadow DB | ghendricks%novell.com | 1 | -0/+4 | |
patch by ghendricks@novell.com r=mkanat a=mkanat | |||||
2009-02-02 | Bug 466748: [SECURITY] Shared/saved searches can be deleted without user ↵ | lpsolit%gmail.com | 1 | -5/+14 | |
confirmation using predictable URL - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit | |||||
2009-02-02 | Bug 26257: [SECURITY] Bugzilla should prevent malicious webpages from making ↵ | lpsolit%gmail.com | 1 | -0/+2 | |
bugzilla users submit changes to bugs - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit |