Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2017-07-07 | Bug 1377933 - Remove trailing whitespace from all perl files | Dylan William Hardison | 1 | -3/+3 | |
2016-09-13 | Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵ | Dylan William Hardison | 1 | -23/+10 | |
local symlink to data/ directory | |||||
2016-09-12 | Revert "Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to ↵ | Dylan William Hardison | 1 | -10/+23 | |
bmo/master + local symlink to data/ directory" This reverts commit e6bf4cacb10f86077fe898349485f5c7ab9fb4b6. | |||||
2016-09-12 | Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵ | Dylan William Hardison | 1 | -23/+10 | |
local symlink to data/ directory | |||||
2015-11-10 | Bug 1221423 - unable to impersonate users when 2fa is enabled | David Lawrence | 1 | -25/+40 | |
2015-04-24 | Bug 1157395: CSRF in log in form | David Lawrence | 1 | -1/+17 | |
2014-11-04 | Bug 1093622: Backout bug 1090427 for causing: authenticated calls from bzapi ↵ | Byron Jones | 1 | -13/+0 | |
are failing: 'Untrusted Authentication Request' | |||||
2014-11-04 | Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf for ↵ | David Lawrence | 1 | -0/+13 | |
login forms | |||||
2014-10-06 | merged with upstream 4.2 | David Lawrence | 1 | -17/+14 | |
2014-10-06 | Bug 1075578: [SECURITY] Improper filtering of CGI arguments | Frédéric Buclin | 1 | -17/+14 | |
r=dkl,a=sgreen | |||||
2014-02-17 | Bug 966676: The 'sudo' cookie should not be accessible from JavaScript | Frédéric Buclin | 1 | -3/+10 | |
2011-07-25 | Bug 589128: Adds a preference allowing users to choose between text or html | Byron Jones | 1 | -1/+1 | |
for bugmail. r=LpSolit, a=LpSolit | |||||
2011-07-18 | Bug 670128: Missing explicit exit after calls to $cgi->redirect(), making ↵ | Frédéric Buclin | 1 | -0/+1 | |
the rest of the scripts to be executed r=dkl a=LpSolit | |||||
2010-09-07 | Bug 593881: Assignment to $[ has been deprecated in Perl 5.12.0 | Frédéric Buclin | 1 | -1/+1 | |
r/a=mkanat | |||||
2010-08-04 | Bug 450013: (CVE-2010-2757) [SECURITY] Can sudo a user without sending email | Frédéric Buclin | 1 | -2/+6 | |
r=glob a=LpSolit | |||||
2010-05-20 | Bug 565879: Merge ThrowCodeError("action_unrecognized"), ↵ | Frédéric Buclin | 1 | -1/+1 | |
ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") r=ghendricks a=LpSolit | |||||
2010-03-01 | Bug 508823: Make it so that you don't ever have to reset template_inner (like | Max Kanat-Alexander | 1 | -1/+0 | |
Bugzilla->template_inner("")). r=LpSolit, a=LpSolit | |||||
2009-04-15 | Bug 480862: relogin.cgi now just throws an error by default (should redirect ↵ | lpsolit%gmail.com | 1 | -2/+6 | |
to index.cgi) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit | |||||
2009-03-02 | Bug 121601: Have logout display index.cgi, not just a message on relogin.cgi. | mkanat%bugzilla.org | 1 | -15/+1 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2008-04-03 | Bug 405946: Some emails are not sent in the language chosen by the addressee ↵ | lpsolit%gmail.com | 1 | -4/+4 | |
- Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit | |||||
2007-10-19 | Bug 399954: Make Bugzilla able to hold its dependencies in a local directory | mkanat%bugzilla.org | 1 | -1/+1 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2006-10-15 | Bug 281181: [SECURITY] It's way too easy to delete ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-08-11 | Bug 347291: Make Bugzilla::User use Bugzilla::Object | mkanat%bugzilla.org | 1 | -1/+1 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk | |||||
2006-06-21 | Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵ | lpsolit%gmail.com | 1 | -2/+0 | |
Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-06-02 | Bug 339862: Move Bugzilla::BugMail::MessageToMTA() in a separate module - ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave | |||||
2006-05-12 | Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN block | mkanat%bugzilla.org | 1 | -3/+2 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk | |||||
2006-04-07 | Bug 332906: Wrong parameters passed to sudo sessions when trying to bypass ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
validation checks - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=justdave | |||||
2006-02-24 | Patch for bug 328379: Fix spelling: 'visitng' -> 'visiting' in relogin.cgi; ↵ | jocuri%softhome.net | 1 | -1/+1 | |
r=LpSolit, a=myk. | |||||
2005-11-22 | Bug 315524: When an invalid action is passed to relogin.cgi, ↵ | lpsolit%gmail.com | 1 | -0/+5 | |
ThrowTemplateError() is called instead of ThrowCodeError() - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave | |||||
2005-11-20 | Bug 312441: relogin.cgi allows you to impersonate user accounts you are not ↵ | karl%kornel.name | 1 | -93/+62 | |
allowed to see when 'usevisibilitygroups' is on - Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave | |||||
2005-11-05 | Bug 312439: The user being impersonated has "moral" rights to keep informed ↵ | karl%kornel.name | 1 | -7/+24 | |
- Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave | |||||
2005-10-24 | Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave | |||||
2005-10-14 | Bug 204498 Add su (setuser) function | bugreport%peshkin.net | 1 | -12/+186 | |
Patch by A. Karl Kornel <karl@kornel.name> r=joel, a=justdave | |||||
2005-08-13 | Bug 302644: relogin.cgi may ask you to login... before logging you out - ↵ | lpsolit%gmail.com | 1 | -1/+2 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=justdave | |||||
2005-08-10 | Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵ | lpsolit%gmail.com | 1 | -4/+4 | |
r=mkanat,wicked a=justdave | |||||
2004-03-27 | Fix for bug 234175: Remove deprecated ConnectToDatabase() and | kiko%async.com.br | 1 | -4/+2 | |
quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave. | |||||
2003-11-27 | Bug 226324: Move relogin.cgi code to Bugzilla::Auth::CGI. Provide a | kiko%async.com.br | 1 | -25/+3 | |
logout() method that is proxied through Bugzilla.pm's logout(), and fix callers to use it. r=justdave, bbaetz, a=justdave | |||||
2003-06-03 | Bug 180635 - Enhance Bugzilla::User to store additional information | bbaetz%acm.org | 1 | -1/+3 | |
r=myk,jake | |||||
2003-05-05 | Bug 201816 - use CGI.pm for header output | bbaetz%acm.org | 1 | -6/+8 | |
r=joel, a=justdave | |||||
2003-03-27 | Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang line | jake%bugzilla.org | 1 | -1/+1 | |
r=justdave a=justdave | |||||
2002-08-26 | Bug 76923 - Don't |use diagnostics| (its really expensive at startup time) | bbaetz%student.usyd.edu.au | 1 | -1/+0 | |
r=joel x2 | |||||
2002-07-27 | Bug 158658 - relogin.cgi should use a template. This also adds the ability ↵ | gerv%gerv.net | 1 | -12/+6 | |
to localise messages. Patch by gerv; r=burnus. | |||||
2002-05-08 | Bug 140437 - clean up parameters. Patch by gerv; 2xr=justdave. | gerv%gerv.net | 1 | -2/+0 | |
2002-05-08 | Bug 140435 - Templatise GetCommandMenu. Patch by gerv; r=bbaetz, justdave. | gerv%gerv.net | 1 | -0/+1 | |
2002-04-24 | Bug 138588 - change to use new template structure. Patch by gerv, r=myk, ↵ | gerv%gerv.net | 1 | -2/+1 | |
afranke. | |||||
2002-02-24 | Bug 126791 - templatise relogin.cgi | gerv%gerv.net | 1 | -11/+14 | |
2002-02-04 | Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from | bbaetz%student.usyd.edu.au | 1 | -0/+19 | |
the db when required instead. (Also fixes bug 58242 as a side effect) r=myk, kiko | |||||
2002-01-20 | Fix for bug 108982: enable taint mode for all user-facing CGI files. | justdave%syndicomm.com | 1 | -1/+3 | |
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave | |||||
2002-01-19 | Fix for bug 120817 - Log Out and %commandmenu% in bannerhtml, r=justdave,dkl | dkl%redhat.com | 1 | -2/+5 | |
2001-10-13 | Fix for bug 19910: Bugzilla installs on the same server would interfere with ↵ | justdave%syndicomm.com | 1 | -4/+3 | |
each others' cookies. Cookies now have a path value that can be set to indicate which bugzilla install they belong to. Browsers will only send the cookie to the appropriate installation. The path can be set in the 'cookiepath' parameter in editparams.cgi. Patch by Dave Lawrence <dkl@redhat.com> r= myk, justdave |