cls%seawood.org
00f5546dc0
Do not allow access to CVSROOT.
...
Bug #204126 r=timeless
2004-12-01 08:40:33 +00:00
cls%seawood.org
9125da2795
Quote all values to be used in urls or in html output.
...
Bug #261616 r=timeless
2004-12-01 04:46:35 +00:00
cls%seawood.org
3ba86c6240
Use : instead of + as file separator to avoid + being converted to a space.
...
Bug #261616 r=timeless
2004-12-01 01:11:37 +00:00
cls%seawood.org
fc87798b71
Verify that the given cvsroot is actually in our repository list.
...
Bug #261616 r=timeless
2004-12-01 00:22:53 +00:00
cls%seawood.org
42bf1ea441
Add check routines to sanitize user input.
...
Rename sanitize_revision to SanitizeRevision and move it to globals.pl.
Bug #261616 r=timeless
2004-11-30 23:56:13 +00:00
cls%seawood.org
f0886ed803
Remove 'use diagnostics' calls to speed up scripts.
...
Bug #204463 r=justdave
2004-09-18 05:02:17 +00:00
cls%seawood.org
6653ecac41
Fix security issue related to unsanitized rcs version strings:
...
* Added sanitize_revision()
* Do not install SourceChecker.*
* Add ~ & ` to shell_escape()
Bug #39284 r=timeless
2004-09-15 22:44:55 +00:00
cls%seawood.org
f2f73e6054
Misc cleanup to better handle files with spaces & special chars:
...
* Do not encode / in url_quote
* Do not install old/unused perl scripts
* Update README
* Replace system(rm/mkdir) calls with standard perl modules
* Use url_quote to quote filenames when passing files between cgis
* Use shell_escape on filenames that are passed to system calls via open()
Bug #44642 r=timeless
2004-09-15 15:48:18 +00:00
cls%seawood.org
ca74a48c90
Escape special chars in filenames when calling rlog.
...
Fix minor 'used once' warnings.
Bug #258668 r=timeless
2004-09-13 21:41:22 +00:00
timeless%mozdev.org
8298355fdc
Bug 253010 bonsai diffs looks doublespaced (extra newlines)
...
css per dbaron, r=vladd
also changed cvsblame per mvl
2004-08-01 19:59:46 +00:00
timeless%mozdev.org
703bea9559
Bug 233967 Bonsai showing stale pages
...
r=kiko
2004-02-19 06:53:19 +00:00
timeless%mozdev.org
87f22fce3a
Bug 176316 Add Last-Modified support to bonsai
...
Adds optional path parameter to parse_rcs_file
Adds required http header call to do_directory
patch by rperrot@debian.org r=justdave
2003-05-19 12:58:45 +00:00
tara%tequilarista.org
1ddb4ddc5b
Checking in a fix for bug #187239--preventing fully qualified paths from being displayed.
2003-04-02 05:42:22 +00:00
timeless%mozdev.org
9d2fa1d485
Bug 181566 cvsview2.cgi fails if $0 has no path
...
patch by not_erik@dasbistro.com r=timeless
2003-03-05 17:06:11 +00:00
timeless%mozdev.org
6b211e86fa
Bug 176316 Add Last-Modified support to bonsai
...
r=tara
2003-03-05 14:49:20 +00:00
tara%tequilarista.org
25eaf5cc21
Partial fix for bug 104313, making the default behavior of the diff page be correct, at least
2002-10-24 17:53:38 +00:00
jake%acutex.net
dd2978ec24
Bug 122663 - Eliminate some undefined value warnings in cvsview2.cgi and cvsqueryform.cgi
...
Patch by Jody McIntyre <jodym@oeone.com>
r=jake
2002-03-27 14:52:04 +00:00
jake%acutex.net
e61bb9f70d
Bug 121105 - type="application/x-javascript" confuses IE, so we should use the new $::script_type variable added in bug 123339.
...
r= kiko
2002-02-13 14:19:07 +00:00
jake%acutex.net
e193dc9fd4
Bug 121636 - Provide support for cvsgraph (requires the cvsgraph binary, see bug 121636 for more information).
...
r= kiko
2002-02-01 14:32:55 +00:00
timeless%mac.com
61d2900ff9
Bug 27506 The Bonsai pages contain SCRIPTs which are not enclosed in
...
<!-- -->, greatly confusing some HTML parsers.
r=kiko
2001-10-11 18:44:14 +00:00
endico%mozilla.org
b0e5e6903d
Lets be consistant. Switch back to #!/usr/bonsaitools/bin/perl -w
2001-03-25 08:59:55 +00:00
dave%intrec.com
b465fdb8d1
Fix for bug 54690: security holes in cvsview2.cgi by lax validation of the http query string. Fixed by retrieving parms via CGI.pm instead of trying to dynamically parse them from the query string. Patch by Adam Spiers <adam@spiers.net>
2001-03-01 22:18:55 +00:00
tara%tequilarista.org
133606438f
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
dmose%mozilla.org
b34de55811
Security check needs to happen after the eval, so that it's matching
...
variable side-effects don't hurt us.
2000-05-12 17:51:00 +00:00
dmose%mozilla.org
08a59eeda9
Fix the fix; it was slightly overzealous.
2000-05-12 17:39:40 +00:00
dmose%mozilla.org
f25030a5e6
Fix security hole.
2000-05-12 17:27:57 +00:00
terry%mozilla.org
33cee658dc
Patch by Adam Spiers <adam@spiers.net> -- fixed some poor HTML.
2000-01-14 23:56:55 +00:00
dmose%mozilla.org
2db9bdbbbe
updated license boilerplate
1999-11-01 23:33:56 +00:00
terry%mozilla.org
39df65d0db
This was using complicated perl features I don't understand, so I simplified it and it works now...
1999-10-19 16:24:48 +00:00
terry%mozilla.org
cb4af7d06e
Fix perl warnings.
1999-10-19 15:05:16 +00:00
terry%mozilla.org
5f3456602b
Fix potential security hole (and I think some perl warnings.)
1999-10-19 00:17:54 +00:00
terry%mozilla.org
87878548b8
Fixed perl warnings -- this module no longer defines its own "die" routine.
1999-10-19 00:07:23 +00:00
terry%mozilla.org
d43d834edd
Massive spank to put "use strict" in all Bonsai code.
1999-10-18 22:55:01 +00:00
slamm%netscape.com
e744f57239
Avoid tall lines (too many newlines)
1999-08-10 21:19:27 +00:00
slamm%netscape.com
844c911192
-mAvoid breaking the line in the middle of an entity.
1999-08-10 21:07:06 +00:00
terry%mozilla.org
61b2e0b068
Massive patch (mostly from Dieter Weber <dieter@Compatible.COM>) -- ported all TCL code to Perl.
1999-07-23 18:39:31 +00:00
slamm%netscape.com
cdac8550e0
Pull netscape-specific hack.
1998-09-09 20:00:33 +00:00
slamm%netscape.com
2b76b16678
Get the 'Change Log' link right. Set 'LANGUAGE=JavaScript' for the SCRIPT tag
1998-09-09 19:29:00 +00:00
slamm%netscape.com
d52f64091e
Fix the 'Change Log' like to pass along the branch and the root. Trim the email addresses of netscape folks (i.e. slamm%netscape.com becomes slamm).
1998-09-09 17:37:12 +00:00
terry
953de4703b
Patches by Matthew Wilson <msw@gimp.org> -- added much of the missing configuration ability.
1998-06-29 16:21:41 +00:00
terry
860e5e5305
Implement CheckHidden(), so that we can have some semblance of security.
1998-06-18 16:47:00 +00:00
terry
d79fe8cf1e
Bonsai and Tinderbox have been freed.
1998-06-16 21:43:24 +00:00