From a3b0a94e697ed4478cde8de2fb22e9545dc41c8e Mon Sep 17 00:00:00 2001 From: Byron Jones Date: Tue, 28 Aug 2012 23:22:11 +0800 Subject: Bug 772953: Remove the token from buglist urls r=dkl, a=LpSolit --- Bugzilla/CGI.pm | 5 +++++ buglist.cgi | 3 ++- js/custom-search.js | 8 ++++++++ template/en/default/list/list.html.tmpl | 3 +++ template/en/default/search/search-advanced.html.tmpl | 12 +++++++++++- 5 files changed, 29 insertions(+), 2 deletions(-) diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index ed8540b2a..0385af2cb 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -171,6 +171,11 @@ sub clean_search_url { # Delete leftovers from the login form $self->delete('Bugzilla_remember', 'GoAheadAndLogIn'); + # Delete the token if we're not updating the defaults + unless (defined $self->param('remtype') && $self->param('remtype') eq 'asdefault') { + $self->delete("token"); + } + foreach my $num (1,2,3) { # If there's no value in the email field, delete the related fields. if (!$self->param("email$num")) { diff --git a/buglist.cgi b/buglist.cgi index 3466b4681..d8da0a6bb 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -1035,7 +1035,8 @@ else { # Set 'urlquerypart' once the buglist ID is known. $vars->{'urlquerypart'} = $params->canonicalise_query('order', 'cmdtype', - 'query_based_on'); + 'query_based_on', + 'token'); if ($format->{'extension'} eq "csv") { # We set CSV files to be downloaded, as they are designed for importing diff --git a/js/custom-search.js b/js/custom-search.js index f8332a0bf..89a788073 100644 --- a/js/custom-search.js +++ b/js/custom-search.js 
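Review bot: In clean_search_url the token survives whenever the request carries `remtype=asdefault`, a value the client chooses, so any URL built from the cleaned parameters on that path still contains it. The buglist.cgi hunk strips it from `urlquerypart` unconditionally, but other consumers of clean_search_url are outside this hunk and should be checked. The new comment says what is deleted rather than why; assuming the token exists only to validate the "set as default" request, something like `# The token is only needed when saving the default search; drop it otherwise so it never ends up in a shareable buglist URL.` would help the next reader. As a style point, `unless` with a compound `&&` condition is hard to read; fetching `my $remtype = $self->param('remtype');` once and testing `if (!defined $remtype || $remtype ne 'asdefault')` is equivalent. The body of clean_search_url starts and ends outside the hunk.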
@@ -134,7 +134,15 @@ function fix_query_string(form_member) { return; var form = YAHOO.util.Dom.getAncestorByTagName(form_member, 'form'); + // Disable the token field so setForm doesn't include it + var reenable_token = false; + if (form['token'] && !form['token'].disabled) { + form['token'].disabled = true; + reenable_token = true; + } var query = YAHOO.util.Connect.setForm(form); + if (reenable_token) + form['token'].disabled = false; window.History.replaceState(null, document.title, '?' + query); } diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl index 1dfdf51c2..1c5c22810 100644 --- a/template/en/default/list/list.html.tmpl +++ b/template/en/default/list/list.html.tmpl @@ -38,6 +38,9 @@ &list_id=[% cgi.param('list_id') FILTER uri %] [%~ END %] [% END %] + [% ELSIF cgi.param('token') != '' %] + [% new_url = 'buglist.cgi?' + _ cgi.canonicalise_query('token', 'cmdtype', 'remtype') %] [% END %] if (history && history.replaceState) { diff --git a/template/en/default/search/search-advanced.html.tmpl b/template/en/default/search/search-advanced.html.tmpl index 7b2a347b9..2bff834bc 100644 --- a/template/en/default/search/search-advanced.html.tmpl +++ b/template/en/default/search/search-advanced.html.tmpl @@ -15,10 +15,19 @@ [% USE Bugzilla %] [% cgi = Bugzilla.cgi %] +[% javascript = BLOCK %] +function remove_token() { + if (queryform.token) { + var asDefault = document.getElementById('remasdefault'); + queryform.token.disabled = !asDefault.checked; + } +} +[% END %] [% PROCESS global/header.html.tmpl title = "Search for $terms.bugs" yui = [ 'autocomplete', 'calendar' ] + javascript = javascript javascript_urls = [ "js/util.js", "js/TUI.js", "js/field.js"] style_urls = [ "skins/standard/search_form.css" ] doc_section = "query.html" @@ -30,7 +39,8 @@
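Review bot: In fix_query_string the token field is re-enabled only if `YAHOO.util.Connect.setForm(form)` returns normally; if that call throws, the field stays disabled and a later submit of the form would go out without its token. Wrapping the call in `try`/`finally` restores the field on every path. Separately, the `form['token'].disabled` test assumes a single control named `token`; with more than one, the lookup would return a collection and the token would presumably still be serialised into the URL, so that assumption deserves a comment. The start of the function is outside the hunk.

```javascript
var form = YAHOO.util.Dom.getAncestorByTagName(form_member, 'form');
// … unchanged: disable the token field and set reenable_token …
var query;
try {
    query = YAHOO.util.Connect.setForm(form);
}
finally {
    // Restore the field even if serialisation fails, so a later
    // submit still carries the token.
    if (reenable_token)
        form['token'].disabled = false;
}
// … unchanged: window.History.replaceState call …
```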
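Review bot: The new ELSIF branch in list.html.tmpl only removes the token after the page has loaded, through the `history.replaceState` call guarded by `if (history && history.replaceState)` just below it. A browser without that API keeps the token in the address bar, history and outgoing Referer headers, and the original request URL has in any case already reached the server and any proxy logs. If that residual exposure is accepted, record it in a template comment such as `[%# Client-side cleanup only: browsers without history.replaceState keep the token in the URL. %]`. How `new_url` is written into the script is outside the hunk; since it is built from request parameters, it should pass through the JS filter at that point. The enclosing IF block starts outside the hunk.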
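Review bot: In search-advanced.html.tmpl, remove_token() dereferences `asDefault.checked` without checking that `document.getElementById('remasdefault')` found an element. If that control is absent the function throws, the token field stays enabled, and the token would presumably be submitted with the search and land in the resulting URL. Failing towards removal is safer: `queryform.token.disabled = !(asDefault && asDefault.checked);`. The function also reaches the form through the bare global `queryform` rather than `document.forms['queryform']`, and the place where it is invoked is not visible in this hunk.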

Hover your mouse over each field label to get help for that field.

-
+ [% PROCESS search/form.html.tmpl %] -- cgit v1.2.3-24-g4f1b