Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-01-12 06:52:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix for bug 15980: Password is no longer shown in the location bar on the first page you load after logging in.

Browse Source 
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
This commit is contained in:
justdave%syndicomm.com 2001-06-07 20:26:40 +00:00
parent 4fb2d58937
commit 3b98736d18
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
webtools/bugzilla/CGI.pl
View File

@ -20,6 +20,7 @@
# Contributor(s): Terry Weissman <terry@mozilla.org>
# Dan Mosedale <dmose@mozilla.org>
# Joe Robins <jmrobins@tgix.com>
# Dave Miller <justdave@syndicomm.com>
# Contains some global routines used throughout the CGI scripts of Bugzilla.
@ -914,9 +915,14 @@ Content-type: text/html
$nexturl = $&;
}
my $method = "POST";
if (defined $ENV{"REQUEST_METHOD"} && length($::buffer) > 1) {
$method = $ENV{"REQUEST_METHOD"};
}
# We always want to use POST here, because we're submitting a password and don't
# want to see it in the location bar in the browser in case a co-worker is looking
# over your shoulder. If you have cookies off and need to bookmark the query, you
# can bookmark it from the screen asking for your password, and it should still
# work. See http://bugzilla.mozilla.org/show_bug.cgi?id=15980
# if (defined $ENV{"REQUEST_METHOD"} && length($::buffer) > 1) {
# $method = $ENV{"REQUEST_METHOD"};
# }
print "
<FORM action=$nexturl method=$method>
<table>

10
webtools/bugzilla/process_bug.cgi
View File

@ -724,8 +724,14 @@ The changes made were:
$::FORM{'delta_ts'} = $delta_ts;
print "<li><form method=post>";
foreach my $i (keys %::FORM) {
my $value = value_quote($::FORM{$i});
print qq{<input type=hidden name="$i" value="$value">\n};
# Make sure we don't include the username/password fields in the
# HTML. If cookies are off, they'll have to reauthenticate after
# hitting "submit changes anyway".
# see http://bugzilla.mozilla.org/show_bug.cgi?id=15980
if ($i !~ /^(Bugzilla|LDAP)_(login|password)$/) {
my $value = value_quote($::FORM{$i});
print qq{<input type=hidden name="$i" value="$value">\n};
}
}
print qq{<input type=submit value="Submit my changes anyway">\n};
print " This will cause all of the above changes to be overwritten";