summaryrefslogtreecommitdiffstats
path: root/template/en/default/global
AgeCommit message (Collapse)AuthorFilesLines
2012-11-13Bug 802204 (CVE-2012-4197): [SECURITY] Marking an attachment you cannot see ↵Frédéric Buclin1-2/+1
as obsolete can disclose its description r=gerv a=LpSolit
2012-10-11Bug 798994: Fix incorrect double escaping when displaying saved queries URLsSimon Green1-1/+1
r=glob, a=LpSolit
2012-09-11Bug 790215 - Flag names are not properly escaped when displayed on confirm ↵Reed Loden1-1/+1
user match page [r=LpSolit a=LpSolit]
2012-09-03Bug 786889: Add missing 'Summary (first 60 chars)' header to CSV outputMatt Tyson1-0/+1
r=glob, a=LpSolit
2012-08-20Bug 698068: The "There is no saved search named ..." page has a "forget" linkFrédéric Buclin1-1/+1
r=glob a=LpSolit
2012-05-28Bug 756314: Fix dropping of unique matches when the "confirm page" page is ↵Byron Jones1-4/+4
display. r=LpSolit, a=LpSolit
2012-04-30Bug 749074: Throw an error message instead of syntax error on invalid search ↵Byron Jones1-0/+4
type operators r=LpSolit,a=LpSolit
2012-04-17Bug 745197: Add a hook in Bugzilla::Error::_throw_error() so that extensions ↵Frédéric Buclin1-4/+2
can control the way to throw errors r=dkl a=LpSolit
2012-03-29Bug 554819: Quicksearch should be using Text::ParseWords instead of custom ↵Frédéric Buclin1-0/+21
code in splitString Also fixes QS with accented characters (bug 730207) r=dkl a=LpSolit
2012-02-22Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC ↵Dave Lawrence1-0/+5
API when using mod_perl r/a=LpSolit
2012-01-31(CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can ↵Frédéric Buclin1-0/+5
lead to CSRF (no victim's action required) r=mkanat a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=718319
2012-01-31Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email ↵Frédéric Buclin2-5/+3
addresses, which could allow an attacker to be CC'ed to private bugs by accident r=glob a=LpSolit
2012-01-10Bug 716283: Clickjacking in the attachment "Details" page allows to bypass ↵Frédéric Buclin1-0/+3
token checks r=dkl a=LpSolit
2012-01-06Bug 714664: The content of the "emailregexpdesc" parameter is not escaped ↵Frédéric Buclin2-2/+2
when displayed to the user r=dkl a=LpSolit
2011-11-26Bug 255606: Do not let buglist.cgi return all bugs by defaultFrédéric Buclin1-0/+4
r/a=mkanat
2011-11-01Fix missing-space bugs in error messages. a=LpSolit.Gervase Markham3-6/+6
https://bugzilla.mozilla.org/show_bug.cgi?id=698737
2011-10-24Bug 685552 - Email auto-completion causes server to thrashDavid Lawrence1-2/+2
r/a=mkanat
2011-10-01Bug 582529: Ambiguous error message "You did not specify a file to attach" ↵Frédéric Buclin1-0/+4
when deleting an existing attachment filename a=LpSolit
2011-08-29Bug 637648 - Rename the "tags" table to "tag"Stephanie Daugherty1-1/+1
r=LpSolit, a=LpSolit
2011-08-16Bug 678844: When trying to edit a non-existent classification, the error ↵Frédéric Buclin1-2/+4
message has missing words r=glob a=LpSolit
2011-08-10Bug 677187: If the attachment filename contains a newline, an error is ↵Frédéric Buclin1-2/+3
thrown when trying to download the attachment r/a=mkanat
2011-08-04Bug 637981: (CVE-2011-2379) [SECURITY] "Raw Unified" patch diffs can cause ↵Byron Jones1-0/+5
XSS on this domain in IE 6-8 and Safari r/a=LpSolit
2011-08-04Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when ↵Frédéric Buclin1-20/+8
creating or editing a bug r=mkanat a=LpSolit
2011-08-04Bug 676237: The traceback in code-error.html.tmpl is displayed on a single lineFrédéric Buclin1-1/+1
r=glob a=LpSolit
2011-08-01Bug 634812: Having a very large number of custom fields can make displaying ↵Frédéric Buclin1-1/+3
show_bug.cgi slow r=glob a=LpSolit
2011-08-01Bug 674574: When all components or versions are disabled, you cannot enter ↵Frédéric Buclin1-2/+2
bugs into the product but it's listed in enter_bug.cgi anyway r=dkl a=LpSolit
2011-07-26Bug 674089: Add a new hook 'end_object_name' in user-error.html.tmpl templateTiago Mello1-0/+1
r/a=mkanat
2011-07-26Bug 674117: Add a new hook 'auth_failure_object' in user-error.html.tmpl ↵Tiago Mello1-0/+2
template r/a=mkanat
2011-07-25Bug 642388: Description of field days_elapsed missing from ↵Frédéric Buclin1-0/+1
global/field-descs.none.tmpl r=wurblzap a=LpSolit
2011-07-25Bug 589128: Adds a preference allowing users to choose between text or htmlByron Jones1-0/+3
for bugmail. r=LpSolit, a=LpSolit
2011-07-05Bug 658929 - User autocomplete is very slow when there are lots of users in ↵David Lawrence1-0/+2
the profiles table r/a=mkanat
2011-07-01Revert wrong indentation, see bug 652427Frédéric Buclin1-1/+1
2011-06-29Bug 652427: Going back to the new bug page loses the description if possible ↵Guy Pyrzak1-1/+2
duplicates have been searched for r=mkanat, r=mkanat
2011-05-30Bug 660464: Linkify the tag name in the confirmation message when tagging bugsFrédéric Buclin1-1/+2
r=glob a=LpSolit
2011-05-10Bug 28849: Block users from CCing other users if they do not have editbugs privsByron Jones1-0/+4
r=LpSolit, a=LpSolit
2011-05-06Bug 653341: Bug.create() fails to error out if an invalid group is passedFrédéric Buclin1-0/+7
r/a=mkanat
2011-04-29Bug 653406: fix escaping of url vars in error messagesByron Jones1-8/+8
r=LpSolit, a=LpSolit
2011-04-28Bug 423612 - Allow editing extern_id for users from the admin interfaceJochen Wiedmann2-0/+10
r=mkanat, a=mkanat
2011-04-25Bug 652405: All user fields (assignee, QA contact, Add CC) have the page ↵Frédéric Buclin1-3/+3
title as the "title" attribute r=dkl a=LpSolit
2011-04-02Bug 647466: Allow Search.pm to take the new URL syntax for custom searchMax Kanat-Alexander1-0/+7
r=mkanat, a=mkanat (module owner)
2011-03-09Bug 634310: Remove WCAG 2.0 violations from the index.cgi to make itFrancisco Donalisio2-2/+2
W3C WAI compliant. r=timello, a=LpSolit
2011-03-09Bug 639371: Include the charset into HTML pages when the utf8 param is trueBjoern Jacke1-0/+4
r/a=mkanat
2011-03-03Bug 638489 - Make all boolean charts work with longdescs.isprivateMax Kanat-Alexander1-0/+4
r=mkanat, a=mkanat (module owner)
2011-03-02Bug 624414: BUGZILLA.value_descs was always empty in the JS, and display_valueMax Kanat-Alexander4-21/+41
wasn't translating values. r=glob, a=mkanat
2011-03-01Bug 616341: Make "tag" a valid search field in Search.pm, for the newMax Kanat-Alexander1-0/+1
tagging system r=mkanat, a=mkanat (module owner)
2011-02-18Bug 580490 - Quicksearch should optionally not search commentsDavid Lawrence1-0/+1
r/a=mkanat
2011-02-16Bug 624522: Add support for SourceForge URLs in "see also"Tiago Mello1-0/+1
r/a=mkanat
2011-02-15Bug 634243: Stop confirm-match.html.tmpl from sending extra, empty values forMax Kanat-Alexander1-1/+6
each field being confirmed. This fixes a bug where confirming would fail, displaying a value with an extra comma at the end. r=LpSolit, a=LpSolit
2011-02-14Bug 621122: Add support for MantisBT URLs in "see also".Reed Loden1-0/+1
[r=timello a=mkanat]
2011-02-14Bug 543667: Add support for Trac URLs in "see also".Matt Selsky1-0/+1