From fe5deaa737630825b6012487ee5bc583d3c17343 Mon Sep 17 00:00:00 2001 From: David Lawrence Date: Tue, 26 Aug 2014 14:46:42 +0800 Subject: Bug 1058355: bugzilla.mozilla.org leaks emails to logged out users in "Latest Activity" search URLs --- .../en/default/pages/user_profile.html.tmpl | 78 +++++++++++++--------- 1 file changed, 47 insertions(+), 31 deletions(-) (limited to 'extensions/UserProfile/template/en/default/pages') diff --git a/extensions/UserProfile/template/en/default/pages/user_profile.html.tmpl b/extensions/UserProfile/template/en/default/pages/user_profile.html.tmpl index b7f7e56f2..ba2c4ab57 100644 --- a/extensions/UserProfile/template/en/default/pages/user_profile.html.tmpl +++ b/extensions/UserProfile/template/en/default/pages/user_profile.html.tmpl @@ -92,9 +92,11 @@ Last activity - - [% target.last_activity_ts FILTER time %] - + [% IF user.id %] + + [% END %] + [% target.last_activity_ts FILTER time %] + [% "" IF user.id %] @@ -123,30 +125,36 @@   Review requests - - [% target.review_request_count FILTER html %] - + [% IF user.id %] + + [% END %] + [% target.review_request_count FILTER html %] + [% "" IF user.id %]   Feedback requests - - [% target.feedback_request_count FILTER html %] - + [% IF user.id %] + + [% END %] + [% target.feedback_request_count FILTER html %] + [% "" IF user.id %]   Needinfo requests - - [% target.needinfo_request_count FILTER html %] - + [% IF user.id %] + + [% END %] + [% target.needinfo_request_count FILTER html %] + [% "" IF user.id %] [% END %] @@ -162,10 +170,12 @@   [% terms.Bugs %] filed - - [% stats.bugs_filed || 0 FILTER html %] - + [% IF user.id %] + + [% END %] + [% stats.bugs_filed || 0 FILTER html %] + [% "" IF user.id %] @@ -177,30 +187,36 @@   Assigned to - - [% stats.assigned || 0 FILTER html %] - + [% IF user.id %] + + [% END %] + [% stats.assigned || 0 FILTER html %] + [% "" IF user.id %]   Commented on - - [% stats.commented_on || 0 FILTER html %] - + [% IF user.id %] + + [% END %] + [% stats.commented_on || 0 FILTER html %] + [% "" IF user.id %]   QA-Contact - - [% stats.qa_contact || 0 FILTER html %] - + [% IF user.id %] + + [% END %] + [% stats.qa_contact || 0 FILTER html %] + [% "" IF user.id %] -- cgit v1.2.3-24-g4f1b