From 0af9c776bc5223556c9140378a7a1ab76d94a7c0 Mon Sep 17 00:00:00 2001 From: Dave Lawrence Date: Wed, 22 Feb 2012 10:48:50 -0500 Subject: Bug 725663 - (CVE-2012-0453) [SECURITY] CSRF vulnerability in the XML-RPC API when using mod_perl r/a=LpSolit --- template/en/default/global/user-error.html.tmpl | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'template/en/default/global') diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl index 7408a1a05..fdcdc6626 100644 --- a/template/en/default/global/user-error.html.tmpl +++ b/template/en/default/global/user-error.html.tmpl @@ -1699,6 +1699,11 @@ <[% type FILTER html %]> field. (See the XML-RPC specification for details.) + [% ELSIF error == "xmlrpc_illegal_content_type" %] + When using XML-RPC, you cannot send data as + [%+ content_type FILTER html %]. Allowed content types + are [% constants.XMLRPC_CONTENT_TYPE_WHITELIST.join(', ') %]. + [% ELSIF error == "zero_length_file" %] [% title = "File Is Empty" %] The file you are trying to attach is empty, does not exist, or you don't -- cgit v1.2.3-24-g4f1b