Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2018-04-04 | Bug 1446431 - Allow Baseline scan to ignore forms that dont need CSRF Tokens | Simon Bennetts | 11 | -14/+14 | |
The data-no-csrf attribute is used to signify that a form is 'safe' (ie doesn't actually make any permanent changes) and so doesn't need an anti-csrf token. | |||||
2018-03-29 | Bug 1200695 - API-key-creation emails should reflect if the action was a ↵ | Israel Madueme | 1 | -0/+8 | |
result of auth delegation | |||||
2018-03-21 | Bug 1447669 - Add localconfig parameter for changing shadowdb user and pass | Israel Madueme | 1 | -0/+6 | |
2018-03-21 | Bug 1444008 - Fix sanity tests for unfiltered urlbase | Dylan William Hardison | 1 | -1/+1 | |
2018-03-20 | Bug 1444008 - Form action injection in Bugzilla /user_profile (leads to ↵ | Dylan William Hardison | 1 | -1/+1 | |
XSS/single-factor credential leakage) | |||||
2018-03-19 | Bug 1440328 - Obfuscate mentor email for users that aren't logged in | Israel Madueme | 1 | -0/+1 | |
2018-03-12 | Bug 1427503 - Allow all users to use Duo as the MFA provider. | Tom Prince | 1 | -3/+3 | |
2018-03-12 | Bug 1437238 - Create override parameters for mailer configuration | Dylan William Hardison | 1 | -1/+1 | |
2018-03-05 | Bug 1433573 - Display the short URL link even for queries without any results | byron jones | 1 | -16/+18 | |
2018-03-05 | Bug 1429344 - Review requests in requests dropdown should link to MozReview ↵ | Kohei Yoshino | 2 | -5/+5 | |
or GitHub instead of Bugzilla details page | |||||
2018-03-02 | Bug 1442520 - move inbound_proxies to localconfig | Dylan William Hardison | 2 | -9/+5 | |
2018-02-28 | Bug 1441475 - Added rel tags to links with target=_blank | Simon Bennetts | 3 | -12/+12 | |
2018-02-27 | Bug 1438206 - Process SES email bounces properly | byron jones | 3 | -0/+56 | |
2018-02-21 | Bug 1439797 - Enable reporting-only CSP by default | Dylan William Hardison | 34 | -78/+100 | |
2018-02-20 | Bug 1432296 - Prevent bugzilla static assets from being blocked by overly ↵ | Dylan William Hardison | 1 | -1/+6 | |
long request URIs | |||||
2018-01-31 | Bug 1433993 - Outdated FreeOTP link in user preferences | Emma Humphries | 1 | -3/+3 | |
2018-01-23 | Bug 1428270 - Unwrappable content in summary can cause top buttons to bleed ↵ | Kohei Yoshino | 2 | -2/+2 | |
out of main content box | |||||
2018-01-18 | Bug 1429688 - focus Search Bugs box by default | Kohei Yoshino | 1 | -1/+1 | |
2018-01-09 | Bug 1429076 - Can we have a lock icon for requests in security-sensitive ↵ | Kohei Yoshino | 1 | -2/+2 | |
bugs in Requests Quick Look Dropdown? | |||||
2018-01-09 | Bug 1429075 - Encoding issue in notification area (mojibake) | Dylan William Hardison | 1 | -1/+5 | |
2018-01-08 | Bug 1428641 - Implement Requests quick look dropdown on global header | Kohei Yoshino | 1 | -0/+42 | |
2018-01-08 | Bug 1428642 - Fix minor bugs on new global header | Kohei Yoshino | 2 | -4/+5 | |
* The magnifier icon on the search bar should not trigger search as reported in https://twitter.com/colinjoy/status/949035254949523457 * The search dropdown should show Saved Searches Edit link as suggested in my UX analysis * Remove the CSS transition on the More Tools button for consistency. I didn't add the transition; it's default style for buttons * Fix the position of the arrow/triangle on dropdown lists. An error of 1px. * Add `user-select: none;` to `#header` https://developer.mozilla.org/en-US/docs/Web/CSS/user select | |||||
2018-01-08 | Bug 1427800 - Wrong anchor scrolling with old UI | Kohei Yoshino | 1 | -1/+1 | |
2018-01-05 | Bug 1428227 - Google doesn't index bugzilla.mozilla.org any more | Dylan William Hardison | 3 | -5/+5 | |
2018-01-04 | Bug 1428166 - Move <meta charset> to start of <head> | Edgaras | 1 | -4/+4 | |
The <meta> element declaring the encoding must be inside the <head> element and within the first 1024 bytes of the HTML as some browsers only look at those bytes before choosing an encoding. https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta#attr-charset | |||||
2018-01-04 | Bug 1426475 - Make unknown bug id / alias error message more obvious to ↵ | Dylan William Hardison | 1 | -1/+7 | |
prevent content spoofing | |||||
2018-01-03 | Bug 1426685 - Fix regressions from fixed-positioning global header | Kohei Yoshino | 7 | -13/+10 | |
2018-01-02 | Bug 1426673 - The logout link cannot be found as what Sessions page says | Kohei Yoshino | 1 | -1/+1 | |
2018-01-02 | Bug 1426507 - Upgrade BMO to HTML5 | Fateh Sandhu | 45 | -103/+102 | |
2017-12-20 | Bug 1361890 - Remove asset concatenation | Dylan William Hardison | 8 | -58/+50 | |
2017-12-19 | Bug 1420771 - Remove global footer | Kohei Yoshino | 5 | -114/+67 | |
2017-12-16 | Bug 1403777 - Migrate urlbase from params to localconfig | Dylan William Hardison | 7 | -91/+26 | |
2017-12-13 | Bug 1376826 - New HTML Header for BMO | Kohei Yoshino | 4 | -173/+169 | |
2017-12-02 | Bug 1417980 - Fix non-HTTPS links and outdated links where possible | Kohei Yoshino | 13 | -65/+65 | |
2017-12-02 | Bug 1420295 - Remove the Bugzilla version number from homepage | Kohei Yoshino | 6 | -14/+1 | |
2017-12-01 | Bug 1420300 - Move bug tagging tool from global footer to bug footer | Kohei Yoshino | 4 | -18/+6 | |
2017-11-30 | Bug 1363889 - Update BMO to use new Mozilla branding | Kohei Yoshino | 1 | -4/+0 | |
2017-10-02 | fix typos in mfa message | Dylan William Hardison | 1 | -2/+2 | |
2017-09-27 | Bug 1401569 - typo in "enabled two-factor authentication" | byron jones | 1 | -2/+2 | |
2017-09-25 | Bug 1401463 - In bugzilla "you must reset password" state, all bug pages are ↵ | Dylan William Hardison | 2 | -0/+19 | |
force-redirected to password reset page, which loses "to-do" information that I have encoded as open tabs viewing particular bug pages | |||||
2017-09-19 | Bug 1400949 - Password requirements not stated | Dylan William Hardison | 6 | -23/+26 | |
2017-09-19 | Bug 1400419 - Direct GitHub-auth'd users that are required to use 2FA to ↵ | Dylan William Hardison | 1 | -3/+19 | |
issue a password reset | |||||
2017-09-15 | Bug 1364233 - Add setting to force a group to require MFA and restrict users ↵ | Dylan William Hardison | 3 | -6/+47 | |
in that group who have not enabled MFA | |||||
2017-09-15 | Bug 1391702 - Replace Bugzilla::User::validate_password() with calls to ↵ | Dylan William Hardison | 3 | -20/+78 | |
Data::Password::passwdqc | |||||
2017-09-13 | Bug 1398889 - Add param 'silent_users' that never trigger sending bugmail | Dylan William Hardison | 1 | -1/+3 | |
* Add param silent_users * Add method is_silent_user to User class, which returns true if the login name matches an entry in silent_users. * Change user_wants_mail() to return false if the changer is a silent user. * Change is_global_watcher() in User class code to use any instead of grep * Change regex used to parse param 'globalwatchers' to use consistent regex in BugMail.pm and User.pm | |||||
2017-09-09 | Bug 1398340 - Typo in 2fa enrollment flow: "enrolment" (missing an L) (#232) | Dylan William Hardison | 2 | -3/+3 | |
2017-08-30 | Bug 1394915- Protect against 2FA by-pass in reset_password.cgi | Mary Umoh | 1 | -0/+4 | |
2017-08-29 | Bug 1392769 - Add other fields to new-bug | Sebastin Santy | 1 | -2/+58 | |
2017-08-29 | Bug 1394466 - Include noindex on error pages | Mary Umoh | 3 | -121/+127 | |
2017-08-24 | Bug 1393145 - See if we can add a directive/rule to robots.txt to get search ↵ | Mary Umoh | 1 | -0/+1 | |
engines to crawl more slowly |