From 7d65722db6107ed7bee465a98bb46b2046756ff9 Mon Sep 17 00:00:00 2001 From: Frédéric Buclin Date: Sun, 22 Dec 2013 21:26:42 +0100 Subject: Bug 952793: Remove HTML4 elements which are obsolete in HTML5 r/a=justdave --- .../en/default/admin/params/attachment.html.tmpl | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'template/en/default/admin/params/attachment.html.tmpl') diff --git a/template/en/default/admin/params/attachment.html.tmpl b/template/en/default/admin/params/attachment.html.tmpl index 6e0301908..e60753d90 100644 --- a/template/en/default/admin/params/attachment.html.tmpl +++ b/template/en/default/admin/params/attachment.html.tmpl @@ -19,29 +19,29 @@ _ "

This is a security restriction for installations where untrusted" _ " users may upload attachments that could be potentially damaging if" _ " viewed directly in the browser.

" - _ "

It is highly recommended that you set the attachment_base" + _ "

It is highly recommended that you set the attachment_base" _ " parameter if you turn this parameter on.", attachment_base => - "When the allow_attachment_display parameter is on, it is " + "When the allow_attachment_display parameter is on, it is " _ " possible for a malicious attachment to steal your cookies or" _ " perform an attack on $terms.Bugzilla using your credentials." _ "

If you would like additional security on attachments to avoid" _ " this, set this parameter to an alternate URL for your $terms.Bugzilla" - _ " that is not the same as urlbase or sslbase." + _ " that is not the same as urlbase or sslbase." _ " That is, a different domain name that resolves to this exact" _ " same $terms.Bugzilla installation.

" _ "

Note that if you have set the" - _ " cookiedomain" - _" parameter, you should set attachment_base to use a" + _ " cookiedomain" + _" parameter, you should set attachment_base to use a" _ " domain that would not be matched by" - _ " cookiedomain.

" - _ "

For added security, you can insert %bugid% into the URL," + _ " cookiedomain.

" + _ "

For added security, you can insert %bugid% into the URL," _ " which will be replaced with the ID of the current $terms.bug that" _ " the attachment is on, when you access an attachment. This will limit" _ " attachments to accessing only other attachments on the same" _ " ${terms.bug}. Remember, though, that all those possible domain names " - _ " (such as 1234.your.domain.com) must point to this same" + _ " (such as 1234.your.domain.com) must point to this same" _ " $terms.Bugzilla instance.", allow_attachment_deletion => "If this option is on, administrators will be able to delete " _ @@ -50,13 +50,13 @@ maxattachmentsize => "The maximum size (in kilobytes) of attachments to be stored " _ "in the database. If a file larger than this size is attached " _ "to ${terms.abug}, $terms.Bugzilla will look at the " _ - "maxlocalattachment parameter " _ + "maxlocalattachment parameter " _ "to determine if the file can be stored locally on the web server. " _ "If the file size exceeds both limits, then the attachment is rejected. " _ "Settings both parameters to 0 will prevent attaching files to ${terms.bugs}.", maxlocalattachment => "The maximum size (in megabytes) of attachments to be stored " _ "locally on the web server. If set to a value lower than the " _ - "maxattachmentsize parameter, " _ + "maxattachmentsize parameter, " _ "attachments will never be kept on the local filesystem." } %] -- cgit v1.2.3-24-g4f1b