summaryrefslogtreecommitdiffstats
path: root/template
AgeCommit message (Collapse)AuthorFilesLines
2012-07-26Bug 777398: (CVE-2012-1968) [SECURITY] HTML bugmail exposes information ↵Frédéric Buclin1-10/+11
about restricted bugs r=glob a=LpSolit
2012-07-26Bug 777555: Release notes for Bugzilla 4.2.2Frédéric Buclin1-0/+42
r=dkl a=LpSolit
2012-07-26Backout bug 768573 to fix bustageFrédéric Buclin4-6/+6
2012-07-02Bug 553553 - We shouldn't be using terms.Bugzilla in the "please contribute" ↵Matt Selsky1-5/+6
message. r=Wurblzap, a=LpSolit
2012-06-29Bug 762783: Change dependent bugs to use POST when the url exceeds the url ↵Simon Green1-5/+21
length limit r=glob, a=LpSolit
2012-06-26Bug 768573: Templates must INCLUDE bug/field.html.tmpl instead of PROCESS'ing itFrédéric Buclin4-6/+6
r=glob a=LpSolit
2012-06-07Bug 761230: The server push page no longer displays all debug dataFrédéric Buclin1-9/+4
r=timello a=LpSolit
2012-05-29Bug 754672 - CSRF vulnerability in buglist.cgi allows possible unauthorized ↵Reed Loden1-9/+14
setting of default search options [r=LpSolit a=LpSolit]
2012-05-29Bug 754673 - CSRF vulnerability in query.cgi allows possible unauthorized ↵Reed Loden1-1/+2
use of "Set my default search back to the system default" [r=LpSolit a=LpSolit]
2012-05-28Bug 756314: Fix dropping of unique matches when the "confirm page" page is ↵Byron Jones1-4/+4
display. r=LpSolit, a=LpSolit
2012-05-28Bug 754981: Add a link pointing to the bug itself in HTML bugmails when only ↵Koosha Khajeh Moogahi1-0/+1
a comment is added r/a=LpSolit
2012-04-30Bug 749074: Throw an error message instead of syntax error on invalid search ↵Byron Jones1-0/+4
type operators r=LpSolit,a=LpSolit
2012-04-18Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits ↵Frédéric Buclin1-37/+0
attackers to access all bugs that the victim can see r=glob a=LpSolit
2012-04-17Bug 741078: Update relnotes for 4.2.1Frédéric Buclin1-3/+6
2012-04-17Bug 745197: Add a hook in Bugzilla::Error::_throw_error() so that extensions ↵Frédéric Buclin1-4/+2
can control the way to throw errors r=dkl a=LpSolit
2012-04-15Comment toggling text is not localizable because it's in a .js file.Marc Schumann1-1/+1
r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=745460
2012-04-14Change columns: empty buttons when images turned off.Marc Schumann1-10/+13
r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=474747
2012-04-12Bug 741078: Release notes for Bugzilla 4.2.1Frédéric Buclin1-2/+47
r=dkl
2012-04-11If you're not allowed to change status or resolution, their values are being ↵Marc Schumann1-15/+24
displayed unlocalized. r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=740879
2012-03-29Bug 554819: Quicksearch should be using Text::ParseWords instead of custom ↵Frédéric Buclin2-8/+96
code in splitString Also fixes QS with accented characters (bug 730207) r=dkl a=LpSolit
2012-03-28Bug 735821: Fix broken HTML code in bugmail.html.tmpl.Tiago Mello1-1/+1
r/a=LpSolit
2012-03-26Bug 734471 - Need new hook edituser search templateFrancisco Donalisio1-0/+3
r=timello, a=LpSolit
2012-03-26Add hooks for alternative login methods. r,a=LpSolit.Gervase Markham2-0/+5
https://bugzilla.mozilla.org/show_bug.cgi?id=698418
2012-03-17Fix bustage: Bugzilla -> terms.BugzillaFrédéric Buclin1-3/+3
https://bugzilla.mozilla.org/show_bug.cgi?id=736057
2012-03-17Bug 736057: Add to the release notes that |FILTER url_quote| has been ↵Frédéric Buclin1-0/+3
replaced by |FILTER uri| r=dkl a=LpSolit
2012-03-10Tabular reports' column headers do not use display_value.Marc Schumann1-1/+1
r/a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=734413
2012-03-06Fix bustageFrédéric Buclin1-1/+0
2012-03-06Bug 545610: Correctly parse CGI parameters, especially when using mod_perlFrédéric Buclin1-6/+7
r=gerv a=LpSolit
2012-03-06Bug 731323: Wrong URLs in the "Total" row at the bottom of tabular reports ↵Frédéric Buclin1-0/+8
when JS is enabled and a user field is used for the vertical axis r=gerv a=LpSolit
2012-03-03Bug 731586: Email notifications about status changes in blockers are ↵Frédéric Buclin2-11/+7
incorrectly formatted r=dkl a=LpSolit
2012-02-28Bug 695514: Slow performance in field-events.js.tmpl on show_bug.cgi with ↵Frédéric Buclin3-3/+14
large number of products r=dkl a=LpSolit
2012-02-25Bug 730552: HTML markup validation: unescaped "&" in CSV link on buglist.cgiFrédéric Buclin1-1/+1
r=timello a=LpSolit
2012-02-22Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC ↵Dave Lawrence1-0/+5
API when using mod_perl r/a=LpSolit
2012-02-20Bug 718283: Indentation and newlines in the "Descriptive text sent within ↵Matt Selsky1-2/+2
whine message" are ignored in HTML whinemail r/a=LpSolit
2012-02-08Bug 722161: Clickjacking is possible in "View All" with HTML attachmentsFrédéric Buclin1-4/+16
r=dkl a=LpSolit
2012-01-31(CVE-2012-0440) [SECURITY] JSON-RPC permits to bypass token checks and can ↵Frédéric Buclin1-0/+5
lead to CSRF (no victim's action required) r=mkanat a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=718319
2012-01-31Bug 714472: (CVE-2012-0448) [SECURITY] utf8 homoglyphs are allowed in email ↵Frédéric Buclin2-5/+3
addresses, which could allow an attacker to be CC'ed to private bugs by accident r=glob a=LpSolit
2012-01-27Bug 720756 - Update release notes for Bugzilla 4.2rc2Dave Lawrence1-4/+8
r/a=LpSolit
2012-01-26Fix bustage due to bug 715514.Tiago Mello1-1/+1
2012-01-25Bug 715514: Fix showdependencytree misleading in "hide resolved" viewMatt Selsky1-2/+2
r=timello, a=LpSolit
2012-01-12Bug 717215: Remove references to url_quote filterSimon Green2-5/+1
r/a=LpSolit
2012-01-11Bug 717210: If all attachments are stored locally (maxattachmentsize = 0, ↵Simon Green2-3/+3
maxlocalattachment > 0), the link to attach files to bugs is not displayed r/a=LpSolit
2012-01-11Bug 715650 - User auto-completion does not work in request.cgi for requester ↵Dave Lawrence1-1/+2
and requestee as expected r=timello, a=LpSolit
2012-01-11Bug 716227: When checksetup.pl tells the admin that he should edit variables ↵Frédéric Buclin1-6/+8
in localconfig, the message should be red r=timello a=LpSolit
2012-01-10Bug 716283: Clickjacking in the attachment "Details" page allows to bypass ↵Frédéric Buclin2-0/+13
token checks r=dkl a=LpSolit
2012-01-06Bug 706753 about JSON::RPC 1.01 is now fixedFrédéric Buclin1-4/+0
2012-01-06Bug 695294: The See Also field is not visible in "Format for Printing"Matt Selsky1-0/+12
r/a=LpSolit
2012-01-06Bug 715705: User auto-completion doesn't work for watched users in the email ↵Frédéric Buclin1-1/+2
prefs tab r=timello a=LpSolit
2012-01-06Bug 714664: The content of the "emailregexpdesc" parameter is not escaped ↵Frédéric Buclin2-2/+2
when displayed to the user r=dkl a=LpSolit
2011-12-28user_autocompletion -> ajax_user_autocompletionFrédéric Buclin1-1/+1
https://bugzilla.mozilla.org/show_bug.cgi?id=713346