Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-01-24 | Bug 619588: (CVE-2010-4567) [SECURITY] Safety checks that disallow clicking ↵ | Frédéric Buclin | 1 | -4/+1 | |
for javascript: or data: URLs in the URL field can be evaded with prefixed whitespace and Bug 628034: (CVE-2011-0048) [SECURITY] For not-logged-in users, the URL field doesn't safeguard against javascript: or data: URLs r=dkl a=LpSolit | |||||
2011-01-22 | Bug 621128 - Remove trailing whitespace from '<div id="view_disabled" >' | timeless | 1 | -1/+1 | |
[r=reed a=LpSolit] | |||||
2010-11-21 | Bug 386600: Implement auto-completion for the requestee field | Guy Pyrzak | 2 | -2/+4 | |
r/a=LpSolit | |||||
2010-10-30 | Bug 608437: Unused variables passed to flag/list.html.tmpl | Frédéric Buclin | 2 | -5/+2 | |
a=LpSolit (module owner) | |||||
2010-10-29 | Bug 600516: The "Content Type" and "Flags" sections are not displayed when ↵ | Frédéric Buclin | 1 | -2/+2 | |
trying to add attachments on an existing bug and the user previously clicked "Hide Advanced Fields" in enter_bug.cgi a=LpSolit (module owner) | |||||
2010-10-28 | Bug 607716: The attachment content is pasted into a comment when editing an ↵ | Guy Pyrzak | 1 | -0/+5 | |
attachment with JS disabled r=LpSolit r=mkanat a=LpSolit | |||||
2010-10-27 | Bug 551468: Stop word-wrapping comments on the server | Max Kanat-Alexander | 1 | -1/+1 | |
r=glob, a=mkanat | |||||
2010-10-16 | Bug 596079: Merge content-types.html.tmpl with createformcontents.html.tmpl | Frédéric Buclin | 2 | -28/+17 | |
r=timello a=LpSolit | |||||
2010-10-03 | Bug 414509: offer View All (non obsolete) attachments | Guy Pyrzak | 2 | -2/+13 | |
r=LpSolit, a=LpSolit | |||||
2010-09-28 | Bug 595380: Add a ?mtime string to all of the manually-inserted | Max Kanat-Alexander | 1 | -2/+4 | |
<script src> and <link href> tags in Bugzilla r=glob, a=mkanat | |||||
2010-08-29 | Bug 580865: Rename the "edit" link on Attachment Details to "edit details" | Guy Pyrzak | 1 | -1/+1 | |
r=mkanat, a=mkanat | |||||
2010-07-23 | Bug 398701: Replace |FILTER url_quote| by |FILTER uri| | Frédéric Buclin | 2 | -5/+5 | |
r/a=mkanat | |||||
2010-07-19 | Bug 579749: Linkify the URL found in attachments (restore the is_url ↵ | Frédéric Buclin | 1 | -5/+22 | |
behavior) if there is only an URL in them r/a=LpSolit | |||||
2010-07-18 | Bug 119703: Create an attachment by pasting it into a text field | Frédéric Buclin | 4 | -53/+34 | |
r/a=mkanat | |||||
2010-07-08 | Bug 490930: Always store attachments locally if they are over X size (and ↵ | Frédéric Buclin | 1 | -12/+0 | |
below some threshold!), don't ever display "Big File" checkbox r=mkanat a=LpSolit | |||||
2010-04-19 | Bug 560215: maxattachmentsize = 0 means that you cannot attach any file to bugs | Frédéric Buclin | 1 | -2/+6 | |
r=mkanat a=LpSolit | |||||
2010-03-28 | Bug 529433 - "Show name and full e-mail in a tooltip for flag setters and ↵ | Reed Loden | 1 | -2/+14 | |
requestees" [r=LpSolit a=LpSolit] | |||||
2010-03-03 | fix for button | Guy Pyrzak | 1 | -5/+5 | |
2010-03-03 | 101770v2 | Guy Pyrzak | 1 | -27/+29 | |
2010-03-03 | 101770 | Guy Pyrzak | 4 | -155/+180 | |
2010-02-17 | Bug 546340 - Change <a name> anchors to use @id | Gordon P. Hemsley | 2 | -6/+6 | |
r=mkanat, a=mkanat | |||||
2010-02-10 | Bug 545253: Do not display flags as editable when you cannot edit attachment ↵ | Frédéric Buclin | 1 | -0/+1 | |
attributes a=LpSolit (module owner) | |||||
2009-12-18 | Bug 162060: Remove the relationship between "votestoconfirm" and whether or ↵ | mkanat%bugzilla.org | 1 | -1/+2 | |
not the UNCONFIRMED status is available, by adding a checkbox to enable the UNCONFIRMED status in editproducts.cgi. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-12-07 | Bug 530009: Put the template header stuff required to display show_bug all ↵ | mkanat%bugzilla.org | 2 | -34/+2 | |
in one place Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-12-04 | Bug 524065: Template Hook for attachment creating and editing, at end | mkanat%bugzilla.org | 2 | -0/+4 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> (module owner) a=mkanat | |||||
2009-11-16 | Bug 528872 - "Attachments in attachments table should have CSS classes to ↵ | reed%reedloden.com | 1 | -1/+5 | |
help with styling" [p=reed r=LpSolit a=LpSolit] | |||||
2009-11-10 | Bug 505038: Use $user->is_insider instead of ↵ | lpsolit%gmail.com | 1 | -3/+2 | |
$user->in_group(Bugzilla->params->{'insidergroup'}) - Patch by XqueZme <xquezme@gmail.com> r/a=LpSolit | |||||
2009-10-23 | Bug 365267: attachment.cgi should not be editable when the user is not ↵ | lpsolit%gmail.com | 2 | -55/+110 | |
logged in - Patch by Frédéric Buclin <LpSolit@gmail.com> r=pyrzak a=LpSolit | |||||
2009-10-19 | Bug 516635 - "Add "bz_product_<product-name>" to body classes" [p=reed ↵ | reed%reedloden.com | 2 | -0/+2 | |
r=LpSolit a=LpSolit] | |||||
2009-10-01 | Bug 509053: Implement Bugzilla->feature (feature_enabled in the templates), ↵ | mkanat%bugzilla.org | 2 | -5/+5 | |
and use it to detect when PatchReader is available. Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-10-01 | Bug 512623: Change get_status and get_resolution to display_value everywhere. | mkanat%bugzilla.org | 1 | -2/+2 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-09-27 | Bug 408807: Need a link pointing to the bug report from the attachment ↵ | lpsolit%gmail.com | 3 | -1/+6 | |
details and diff pages - Patch by A.A. Shimono (himorin) <shimono+bug@gmail.com> r/a=LpSolit | |||||
2009-09-22 | Bug 388830: Use JS to make sure there's a Description value when submitting ↵ | mkanat%bugzilla.org | 1 | -1/+3 | |
an attachment Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=LpSolit | |||||
2009-08-06 | Bug 508737: Allow Bugzilla::Template::get_bug_link to take a Bugzilla::Bug ↵ | mkanat%bugzilla.org | 2 | -2/+2 | |
object if one is available Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-07-20 | Bug 488943: Clarify the text of the "Private" checkbox for comments and ↵ | mkanat%bugzilla.org | 2 | -4/+10 | |
attachments Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=pyrzak, r=LpSolit, a=LpSolit | |||||
2009-07-09 | Bug 352615: Group empty cells together to reduce the size of the diff page - ↵ | lpsolit%gmail.com | 1 | -17/+25 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> a=LpSolit (module owner) | |||||
2009-06-23 | Bug 477464: Move JS code out of attachment/edit.html.tmpl - Patch by Nitish ↵ | lpsolit%gmail.com | 1 | -130/+9 | |
Bezzala <nbezzala@yahoo.com> r/a=LpSolit | |||||
2009-05-29 | Bug 494751 - Toggling Add/Don't add attachment doesn't reset JS state | bbaetz%acm.org | 2 | -2/+7 | |
r/a=mkanat | |||||
2009-03-30 | Bug 476603 - "[SECURITY] Editing attachments doesn't have any CSRF ↵ | reed%reedloden.com | 1 | -0/+3 | |
protection" [p=reed r=LpSolit a=LpSolit] | |||||
2009-03-09 | Bug 481952 - "Confirm attachment deletion page puts HTML in <title>" [p=reed ↵ | reed%reedloden.com | 1 | -2/+1 | |
r=LpSolit a=LpSolit] | |||||
2009-02-12 | Bug 475063: Make the logged-out index.cgi simpler | mkanat%bugzilla.org | 4 | -6/+3 | |
Patch By Guy Pyrzak <guy.pyrzak@gmail.com> r=mkanat, a=mkanat | |||||
2009-02-11 | Bug 375382: When viewing a bug, make obsolete attachments hidden by default | mkanat%bugzilla.org | 1 | -20/+21 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2009-02-11 | Bug 376673: Add a simple version of the bug entry form (enter_bug.cgi) | mkanat%bugzilla.org | 1 | -4/+5 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=pyrzak, r=LpSolit, a=LpSolit | |||||
2009-02-02 | Bug 472206: [SECURITY] Bugzilla should optionally not allow the user to view ↵ | lpsolit%gmail.com | 2 | -2/+15 | |
possibly harmful attachments - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=justdave a=LpSolit | |||||
2009-02-02 | Bug 38862: [SECURITY] attachments should be at a different hostname - Patch ↵ | lpsolit%gmail.com | 1 | -30/+5 | |
by Byron Jones <bugzilla@glob.com.au> and Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit | |||||
2009-01-29 | Bug 219021: Only display email addresses to logged-in users | mkanat%bugzilla.org | 1 | -4/+1 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2008-12-09 | Bug 460752: Move hardcoded CSS from attachment/diff-header.html.tmpl into a ↵ | lpsolit%gmail.com | 1 | -74/+3 | |
separate CSS file - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit | |||||
2008-10-21 | Bug 460754: Move JS code out of attachment/diff-header.html.tmpl - Patch by ↵ | lpsolit%gmail.com | 1 | -106/+3 | |
Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit | |||||
2008-10-21 | Bug 460749: Firefox 3.1 no longer supports -moz-pre-wrap (nor does Opera!) - ↵ | lpsolit%gmail.com | 1 | -1/+3 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=pyrzak a=LpSolit | |||||
2008-09-19 | Bug 455808: "YAHOO is not defined" JS error thrown when editing attachments | guy.pyrzak%gmail.com | 2 | -1/+2 | |
Patch by Guy Pyrzak <guy.pyrzak@gmail.com> r=mkanat, a=mkanat |