Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2014-04-17 | Bug 713926: (CVE-2014-1517) [SECURITY] Login form lacks CSRF protection | Frédéric Buclin | 1 | -0/+13 | |
r=dkl a=justdave | |||||
2014-02-15 | Bug 966676: The 'sudo' cookie should not be accessible from JavaScript | Frédéric Buclin | 1 | -3/+10 | |
r=dkl a=justdave | |||||
2012-09-01 | Bug 787529: Use |use 5.10.1| everywhere | Frédéric Buclin | 1 | -0/+1 | |
r=wicked a=LpSolit | |||||
2012-01-11 | Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and ↵ | Frédéric Buclin | 1 | -21/+5 | |
add it to files which miss one r=kiko r=mkanat r=mrbball a=LpSolit | |||||
2011-07-25 | Bug 589128: Adds a preference allowing users to choose between text or html | Byron Jones | 1 | -1/+1 | |
for bugmail. r=LpSolit, a=LpSolit | |||||
2011-07-18 | Bug 670128: Missing explicit exit after calls to $cgi->redirect(), making ↵ | Frédéric Buclin | 1 | -0/+1 | |
the rest of the scripts to be executed r=dkl a=LpSolit | |||||
2010-09-07 | Bug 593881: Assignment to $[ has been deprecated in Perl 5.12.0 | Frédéric Buclin | 1 | -1/+1 | |
r/a=mkanat | |||||
2010-08-04 | Bug 450013: (CVE-2010-2757) [SECURITY] Can sudo a user without sending email | Frédéric Buclin | 1 | -2/+6 | |
r=glob a=LpSolit | |||||
2010-05-20 | Bug 565879: Merge ThrowCodeError("action_unrecognized"), ↵ | Frédéric Buclin | 1 | -1/+1 | |
ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") r=ghendricks a=LpSolit | |||||
2010-03-01 | Bug 508823: Make it so that you don't ever have to reset template_inner (like | Max Kanat-Alexander | 1 | -1/+0 | |
Bugzilla->template_inner("")). r=LpSolit, a=LpSolit | |||||
2009-04-15 | Bug 480862: relogin.cgi now just throws an error by default (should redirect ↵ | lpsolit%gmail.com | 1 | -2/+6 | |
to index.cgi) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit | |||||
2009-03-02 | Bug 121601: Have logout display index.cgi, not just a message on relogin.cgi. | mkanat%bugzilla.org | 1 | -15/+1 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2008-04-03 | Bug 405946: Some emails are not sent in the language chosen by the addressee ↵ | lpsolit%gmail.com | 1 | -4/+4 | |
- Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit | |||||
2007-10-19 | Bug 399954: Make Bugzilla able to hold its dependencies in a local directory | mkanat%bugzilla.org | 1 | -1/+1 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2006-10-15 | Bug 281181: [SECURITY] It's way too easy to delete ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-08-11 | Bug 347291: Make Bugzilla::User use Bugzilla::Object | mkanat%bugzilla.org | 1 | -1/+1 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk | |||||
2006-06-21 | Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵ | lpsolit%gmail.com | 1 | -2/+0 | |
Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-06-02 | Bug 339862: Move Bugzilla::BugMail::MessageToMTA() in a separate module - ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave | |||||
2006-05-12 | Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN block | mkanat%bugzilla.org | 1 | -3/+2 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk | |||||
2006-04-07 | Bug 332906: Wrong parameters passed to sudo sessions when trying to bypass ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
validation checks - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=justdave | |||||
2006-02-24 | Patch for bug 328379: Fix spelling: 'visitng' -> 'visiting' in relogin.cgi; ↵ | jocuri%softhome.net | 1 | -1/+1 | |
r=LpSolit, a=myk. | |||||
2005-11-22 | Bug 315524: When an invalid action is passed to relogin.cgi, ↵ | lpsolit%gmail.com | 1 | -0/+5 | |
ThrowTemplateError() is called instead of ThrowCodeError() - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave | |||||
2005-11-20 | Bug 312441: relogin.cgi allows you to impersonate user accounts you are not ↵ | karl%kornel.name | 1 | -93/+62 | |
allowed to see when 'usevisibilitygroups' is on - Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave | |||||
2005-11-05 | Bug 312439: The user being impersonated has "moral" rights to keep informed ↵ | karl%kornel.name | 1 | -7/+24 | |
- Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave | |||||
2005-10-24 | Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave | |||||
2005-10-14 | Bug 204498 Add su (setuser) function | bugreport%peshkin.net | 1 | -12/+186 | |
Patch by A. Karl Kornel <karl@kornel.name> r=joel, a=justdave | |||||
2005-08-13 | Bug 302644: relogin.cgi may ask you to login... before logging you out - ↵ | lpsolit%gmail.com | 1 | -1/+2 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=justdave | |||||
2005-08-10 | Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵ | lpsolit%gmail.com | 1 | -4/+4 | |
r=mkanat,wicked a=justdave | |||||
2004-03-27 | Fix for bug 234175: Remove deprecated ConnectToDatabase() and | kiko%async.com.br | 1 | -4/+2 | |
quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave. | |||||
2003-11-27 | Bug 226324: Move relogin.cgi code to Bugzilla::Auth::CGI. Provide a | kiko%async.com.br | 1 | -25/+3 | |
logout() method that is proxied through Bugzilla.pm's logout(), and fix callers to use it. r=justdave, bbaetz, a=justdave | |||||
2003-06-03 | Bug 180635 - Enhance Bugzilla::User to store additional information | bbaetz%acm.org | 1 | -1/+3 | |
r=myk,jake | |||||
2003-05-05 | Bug 201816 - use CGI.pm for header output | bbaetz%acm.org | 1 | -6/+8 | |
r=joel, a=justdave | |||||
2003-03-27 | Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang line | jake%bugzilla.org | 1 | -1/+1 | |
r=justdave a=justdave | |||||
2002-08-26 | Bug 76923 - Don't |use diagnostics| (its really expensive at startup time) | bbaetz%student.usyd.edu.au | 1 | -1/+0 | |
r=joel x2 | |||||
2002-07-27 | Bug 158658 - relogin.cgi should use a template. This also adds the ability ↵ | gerv%gerv.net | 1 | -12/+6 | |
to localise messages. Patch by gerv; r=burnus. | |||||
2002-05-08 | Bug 140437 - clean up parameters. Patch by gerv; 2xr=justdave. | gerv%gerv.net | 1 | -2/+0 | |
2002-05-08 | Bug 140435 - Templatise GetCommandMenu. Patch by gerv; r=bbaetz, justdave. | gerv%gerv.net | 1 | -0/+1 | |
2002-04-24 | Bug 138588 - change to use new template structure. Patch by gerv, r=myk, ↵ | gerv%gerv.net | 1 | -2/+1 | |
afranke. | |||||
2002-02-24 | Bug 126791 - templatise relogin.cgi | gerv%gerv.net | 1 | -11/+14 | |
2002-02-04 | Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from | bbaetz%student.usyd.edu.au | 1 | -0/+19 | |
the db when required instead. (Also fixes bug 58242 as a side effect) r=myk, kiko | |||||
2002-01-20 | Fix for bug 108982: enable taint mode for all user-facing CGI files. | justdave%syndicomm.com | 1 | -1/+3 | |
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave | |||||
2002-01-19 | Fix for bug 120817 - Log Out and %commandmenu% in bannerhtml, r=justdave,dkl | dkl%redhat.com | 1 | -2/+5 | |
2001-10-13 | Fix for bug 19910: Bugzilla installs on the same server would interfere with ↵ | justdave%syndicomm.com | 1 | -4/+3 | |
each others' cookies. Cookies now have a path value that can be set to indicate which bugzilla install they belong to. Browsers will only send the cookie to the appropriate installation. The path can be set in the 'cookiepath' parameter in editparams.cgi. Patch by Dave Lawrence <dkl@redhat.com> r= myk, justdave | |||||
2000-01-18 | Footer wasn't displaying new state after clicking "log out". | terry%mozilla.org | 1 | -0/+4 | |
2000-01-15 | Patch by Ramon Felciano <felciano@ingenuity.com>, with many tweaks by | terry%mozilla.org | 1 | -1/+1 | |
me. Added a footer to every page. Add some options to do things like display checkboxes instead of scrolling lists, and a new formatting for email diffs, and show list items capitalized instead of all upper case. | |||||
1999-11-02 | updated license boilerplate | dmose%mozilla.org | 1 | -14/+15 | |
1999-09-24 | Patch by holger@holger.om.org (Holger Schurig) -- put the fancy header on ↵ | terry%mozilla.org | 1 | -1/+4 | |
several pages that were missing it. | |||||
1999-06-15 | Assorted minor UI cleanups (mostly putting navigation headers in, and | bryce-mozilla%nextbus.com | 1 | -13/+2 | |
rewording "return to query page" for pages where that is not always true. Also add two options to the main index.html | |||||
1998-11-21 | Backed out Andrew's patch -- turns out it was doing quoting sublty wrong. | terry%netscape.com | 1 | -4/+2 | |
1998-11-17 | Patch by Andrew Anderson <andrew@redhat.com>. Many minor bugfixes and cleanup. | terry%netscape.com | 1 | -2/+4 | |