Граф коммитов

23 Коммитов

Автор SHA1 Сообщение Дата
timeless%mozdev.org 2de18df802 Bug 320448 cvsview2.cgi DIFF_LINKS html is invalid
r=reed@reedloden.com
2005-12-15 21:45:56 +00:00
cls%seawood.org 0c39d72d44 Fix XSS vulnerability in rview.cgi
Bug #276984 r=timeless
2005-11-18 20:30:28 +00:00
cls%seawood.org 8d357c4671 sanitize batchid 2004-12-01 17:07:08 +00:00
cls%seawood.org ee84b4fa36 Quote all values to be used in urls or in html output.
Bug #261616 r=timeless
2004-12-01 04:46:35 +00:00
cls%seawood.org 3820500cbd Add check routines to sanitize user input.
Rename sanitize_revision to SanitizeRevision and move it to globals.pl.
Bug #261616 r=timeless
2004-11-30 23:56:13 +00:00
myk%mozilla.org 06783e5360 implementation for bug 262967: RSS feeds for revision logs; r=cls 2004-10-10 04:54:56 +00:00
cls%seawood.org 371f30f86d Move shell_escape from CGI.pl to globals.pl
Remove CGI.pl dependency from multidiff.cgi
Bug #44642
2004-09-22 03:59:19 +00:00
cls%seawood.org aab913d4e0 Remove 'use diagnostics' calls to speed up scripts.
Bug #204463 r=justdave
2004-09-18 05:02:17 +00:00
cls%seawood.org 85582672b1 Removing leftover debug statement. 2004-09-16 16:02:44 +00:00
cls%seawood.org c0d0213fc0 Fix security issue related to unsanitized rcs version strings:
* Added sanitize_revision()
* Do not install SourceChecker.*
* Add ~ & ` to shell_escape()
Bug #39284 r=timeless
2004-09-15 22:44:55 +00:00
cls%seawood.org fc202fce77 Misc cleanup to better handle files with spaces & special chars:
* Do not encode / in url_quote
* Do not install old/unused perl scripts
* Update README
* Replace system(rm/mkdir) calls with standard perl modules
* Use url_quote to quote filenames when passing files between cgis
* Use shell_escape on filenames that are passed to system calls via open()

Bug #44642 r=timeless
2004-09-15 15:48:18 +00:00
cls%seawood.org cb6a541f35 Escape special chars in filenames when calling rlog.
Fix minor 'used once' warnings.
Bug #258668 r=timeless
2004-09-13 21:41:22 +00:00
myk%mozilla.org b1928fad4d fix for bug 253175: point people to Bugzilla to file bugs instead of telling them to email endico@mozilla.org 2004-07-27 00:22:18 +00:00
jake%acutex.net d1ef386ba3 Fix for bug 123339 - More enhancements for the cvsgraph.cgi module (give it popups very similar to cvsblame.cgi).
r= kiko
2002-02-12 21:34:04 +00:00
tara%tequilarista.org 4e57ea4f39 Checking in fix for bug #86920, fix from jake@acutex.net 2001-10-31 04:30:33 +00:00
tara%tequilarista.org 2f015d5f63 Landing Adam Spiers' contributions for security and small functional issues 2000-07-25 18:58:54 +00:00
dmose%mozilla.org 18f71469a1 updated license boilerplate 1999-11-01 23:33:56 +00:00
terry%mozilla.org b2df112085 Massive spank to put "use strict" in all Bonsai code. 1999-10-18 22:55:01 +00:00
terry%mozilla.org 7ff7cb6e09 Fixed a bunch of "undefined variable" warnings. 1999-10-15 23:16:32 +00:00
terry%mozilla.org 486fd4f5b0 Fix another stupid typo. 1999-07-30 15:13:01 +00:00
terry%mozilla.org c06fe864f8 Fixed typo in "mailto:" link. 1999-07-30 15:11:41 +00:00
terry%mozilla.org 45d1045d17 The 'modules' list on the main query page was just all wrong. 1999-07-27 16:25:08 +00:00
terry%mozilla.org d1360d1cc4 Massive patch (mostly from Dieter Weber <dieter@Compatible.COM>) -- ported all TCL code to Perl. 1999-07-23 18:39:31 +00:00