Граф коммитов

42 Коммитов

Автор SHA1 Сообщение Дата
cls%seawood.org 00f5546dc0 Do not allow access to CVSROOT.
Bug #204126 r=timeless
2004-12-01 08:40:33 +00:00
cls%seawood.org 9125da2795 Quote all values to be used in urls or in html output.
Bug #261616 r=timeless
2004-12-01 04:46:35 +00:00
cls%seawood.org 3ba86c6240 Use : instead of + as file separator to avoid + being converted to a space.
Bug #261616 r=timeless
2004-12-01 01:11:37 +00:00
cls%seawood.org fc87798b71 Verify that the given cvsroot is actually in our repository list.
Bug #261616 r=timeless
2004-12-01 00:22:53 +00:00
cls%seawood.org 42bf1ea441 Add check routines to sanitize user input.
Rename sanitize_revision to SanitizeRevision and move it to globals.pl.
Bug #261616 r=timeless
2004-11-30 23:56:13 +00:00
cls%seawood.org f0886ed803 Remove 'use diagnostics' calls to speed up scripts.
Bug #204463 r=justdave
2004-09-18 05:02:17 +00:00
cls%seawood.org 6653ecac41 Fix security issue related to unsanitized rcs version strings:
* Added sanitize_revision()
* Do not install SourceChecker.*
* Add ~ & ` to shell_escape()
Bug #39284 r=timeless
2004-09-15 22:44:55 +00:00
cls%seawood.org f2f73e6054 Misc cleanup to better handle files with spaces & special chars:
* Do not encode / in url_quote
* Do not install old/unused perl scripts
* Update README
* Replace system(rm/mkdir) calls with standard perl modules
* Use url_quote to quote filenames when passing files between cgis
* Use shell_escape on filenames that are passed to system calls via open()

Bug #44642 r=timeless
2004-09-15 15:48:18 +00:00
cls%seawood.org ca74a48c90 Escape special chars in filenames when calling rlog.
Fix minor 'used once' warnings.
Bug #258668 r=timeless
2004-09-13 21:41:22 +00:00
timeless%mozdev.org 8298355fdc Bug 253010 bonsai diffs looks doublespaced (extra newlines)
css per dbaron, r=vladd
also changed cvsblame per mvl
2004-08-01 19:59:46 +00:00
timeless%mozdev.org 703bea9559 Bug 233967 Bonsai showing stale pages
r=kiko
2004-02-19 06:53:19 +00:00
timeless%mozdev.org 87f22fce3a Bug 176316 Add Last-Modified support to bonsai
Adds optional path parameter to parse_rcs_file
Adds required http header call to do_directory
patch by rperrot@debian.org r=justdave
2003-05-19 12:58:45 +00:00
tara%tequilarista.org 1ddb4ddc5b Checking in a fix for bug #187239--preventing fully qualified paths from being displayed. 2003-04-02 05:42:22 +00:00
timeless%mozdev.org 9d2fa1d485 Bug 181566 cvsview2.cgi fails if $0 has no path
patch by not_erik@dasbistro.com r=timeless
2003-03-05 17:06:11 +00:00
timeless%mozdev.org 6b211e86fa Bug 176316 Add Last-Modified support to bonsai
r=tara
2003-03-05 14:49:20 +00:00
tara%tequilarista.org 25eaf5cc21 Partial fix for bug 104313, making the default behavior of the diff page be correct, at least 2002-10-24 17:53:38 +00:00
jake%acutex.net dd2978ec24 Bug 122663 - Eliminate some undefined value warnings in cvsview2.cgi and cvsqueryform.cgi
Patch by Jody McIntyre <jodym@oeone.com>
r=jake
2002-03-27 14:52:04 +00:00
jake%acutex.net e61bb9f70d Bug 121105 - type="application/x-javascript" confuses IE, so we should use the new $::script_type variable added in bug 123339.
r= kiko
2002-02-13 14:19:07 +00:00
jake%acutex.net e193dc9fd4 Bug 121636 - Provide support for cvsgraph (requires the cvsgraph binary, see bug 121636 for more information).
r= kiko
2002-02-01 14:32:55 +00:00
timeless%mac.com 61d2900ff9 Bug 27506 The Bonsai pages contain SCRIPTs which are not enclosed in
<!-- -->, greatly confusing some HTML parsers.
r=kiko
2001-10-11 18:44:14 +00:00
endico%mozilla.org b0e5e6903d Lets be consistant. Switch back to #!/usr/bonsaitools/bin/perl -w 2001-03-25 08:59:55 +00:00
dave%intrec.com b465fdb8d1 Fix for bug 54690: security holes in cvsview2.cgi by lax validation of the http query string. Fixed by retrieving parms via CGI.pm instead of trying to dynamically parse them from the query string. Patch by Adam Spiers <adam@spiers.net> 2001-03-01 22:18:55 +00:00
tara%tequilarista.org 133606438f Landing Adam Spiers' contributions for security and small functional issues 2000-07-25 18:58:54 +00:00
dmose%mozilla.org b34de55811 Security check needs to happen after the eval, so that it's matching
variable side-effects don't hurt us.
2000-05-12 17:51:00 +00:00
dmose%mozilla.org 08a59eeda9 Fix the fix; it was slightly overzealous. 2000-05-12 17:39:40 +00:00
dmose%mozilla.org f25030a5e6 Fix security hole. 2000-05-12 17:27:57 +00:00
terry%mozilla.org 33cee658dc Patch by Adam Spiers <adam@spiers.net> -- fixed some poor HTML. 2000-01-14 23:56:55 +00:00
dmose%mozilla.org 2db9bdbbbe updated license boilerplate 1999-11-01 23:33:56 +00:00
terry%mozilla.org 39df65d0db This was using complicated perl features I don't understand, so I simplified it and it works now... 1999-10-19 16:24:48 +00:00
terry%mozilla.org cb4af7d06e Fix perl warnings. 1999-10-19 15:05:16 +00:00
terry%mozilla.org 5f3456602b Fix potential security hole (and I think some perl warnings.) 1999-10-19 00:17:54 +00:00
terry%mozilla.org 87878548b8 Fixed perl warnings -- this module no longer defines its own "die" routine. 1999-10-19 00:07:23 +00:00
terry%mozilla.org d43d834edd Massive spank to put "use strict" in all Bonsai code. 1999-10-18 22:55:01 +00:00
slamm%netscape.com e744f57239 Avoid tall lines (too many newlines) 1999-08-10 21:19:27 +00:00
slamm%netscape.com 844c911192 -mAvoid breaking the line in the middle of an entity. 1999-08-10 21:07:06 +00:00
terry%mozilla.org 61b2e0b068 Massive patch (mostly from Dieter Weber <dieter@Compatible.COM>) -- ported all TCL code to Perl. 1999-07-23 18:39:31 +00:00
slamm%netscape.com cdac8550e0 Pull netscape-specific hack. 1998-09-09 20:00:33 +00:00
slamm%netscape.com 2b76b16678 Get the 'Change Log' link right. Set 'LANGUAGE=JavaScript' for the SCRIPT tag 1998-09-09 19:29:00 +00:00
slamm%netscape.com d52f64091e Fix the 'Change Log' like to pass along the branch and the root. Trim the email addresses of netscape folks (i.e. slamm%netscape.com becomes slamm). 1998-09-09 17:37:12 +00:00
terry 953de4703b Patches by Matthew Wilson <msw@gimp.org> -- added much of the missing configuration ability. 1998-06-29 16:21:41 +00:00
terry 860e5e5305 Implement CheckHidden(), so that we can have some semblance of security. 1998-06-18 16:47:00 +00:00
terry d79fe8cf1e Bonsai and Tinderbox have been freed. 1998-06-16 21:43:24 +00:00