aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorByron Jones <bjones@mozilla.com>2012-08-28 23:22:11 +0800
committerByron Jones <bjones@mozilla.com>2012-08-28 23:22:11 +0800
commita3b0a94e697ed4478cde8de2fb22e9545dc41c8e (patch)
treeeaf3cf782d67848d88b9f22d02f1c0cbc1bc35d0
parentBug 785917: Custom field descriptions are not properly escaped when displayed... (diff)
downloadbugzilla-a3b0a94e697ed4478cde8de2fb22e9545dc41c8e.tar.gz
bugzilla-a3b0a94e697ed4478cde8de2fb22e9545dc41c8e.tar.bz2
bugzilla-a3b0a94e697ed4478cde8de2fb22e9545dc41c8e.zip
Bug 772953: Remove the token from buglist urls
r=dkl, a=LpSolit
-rw-r--r--Bugzilla/CGI.pm5
-rwxr-xr-xbuglist.cgi3
-rw-r--r--js/custom-search.js8
-rw-r--r--template/en/default/list/list.html.tmpl3
-rw-r--r--template/en/default/search/search-advanced.html.tmpl12
5 files changed, 29 insertions, 2 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index ed8540b2a..0385af2cb 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -171,6 +171,11 @@ sub clean_search_url {
# Delete leftovers from the login form
$self->delete('Bugzilla_remember', 'GoAheadAndLogIn');
+ # Delete the token if we're not updating the defaults
+ unless (defined $self->param('remtype') && $self->param('remtype') eq 'asdefault') {
+ $self->delete("token");
+ }
+
foreach my $num (1,2,3) {
# If there's no value in the email field, delete the related fields.
if (!$self->param("email$num")) {
diff --git a/buglist.cgi b/buglist.cgi
index 3466b4681..d8da0a6bb 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -1035,7 +1035,8 @@ else {
# Set 'urlquerypart' once the buglist ID is known.
$vars->{'urlquerypart'} = $params->canonicalise_query('order', 'cmdtype',
- 'query_based_on');
+ 'query_based_on',
+ 'token');
if ($format->{'extension'} eq "csv") {
# We set CSV files to be downloaded, as they are designed for importing
diff --git a/js/custom-search.js b/js/custom-search.js
index f8332a0bf..89a788073 100644
--- a/js/custom-search.js
+++ b/js/custom-search.js
@@ -134,7 +134,15 @@ function fix_query_string(form_member) {
return;
var form = YAHOO.util.Dom.getAncestorByTagName(form_member, 'form');
+ // Disable the token field so setForm doesn't include it
+ var reenable_token = false;
+ if (form['token'] && !form['token'].disabled) {
+ form['token'].disabled = true;
+ reenable_token = true;
+ }
var query = YAHOO.util.Connect.setForm(form);
+ if (reenable_token)
+ form['token'].disabled = false;
window.History.replaceState(null, document.title, '?' + query);
}
diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl
index 1dfdf51c2..1c5c22810 100644
--- a/template/en/default/list/list.html.tmpl
+++ b/template/en/default/list/list.html.tmpl
@@ -38,6 +38,9 @@
&list_id=[% cgi.param('list_id') FILTER uri %]
[%~ END %]
[% END %]
+ [% ELSIF cgi.param('token') != '' %]
+ [% new_url = 'buglist.cgi?'
+ _ cgi.canonicalise_query('token', 'cmdtype', 'remtype') %]
[% END %]
if (history && history.replaceState) {
diff --git a/template/en/default/search/search-advanced.html.tmpl b/template/en/default/search/search-advanced.html.tmpl
index 7b2a347b9..2bff834bc 100644
--- a/template/en/default/search/search-advanced.html.tmpl
+++ b/template/en/default/search/search-advanced.html.tmpl
@@ -15,10 +15,19 @@
[% USE Bugzilla %]
[% cgi = Bugzilla.cgi %]
+[% javascript = BLOCK %]
+function remove_token() {
+ if (queryform.token) {
+ var asDefault = document.getElementById('remasdefault');
+ queryform.token.disabled = !asDefault.checked;
+ }
+}
+[% END %]
[% PROCESS global/header.html.tmpl
title = "Search for $terms.bugs"
yui = [ 'autocomplete', 'calendar' ]
+ javascript = javascript
javascript_urls = [ "js/util.js", "js/TUI.js", "js/field.js"]
style_urls = [ "skins/standard/search_form.css" ]
doc_section = "query.html"
@@ -30,7 +39,8 @@
<p id="search_help">Hover your mouse over each field label to get help for that field.</p>
-<form method="post" action="buglist.cgi" name="queryform" id="queryform">
+<form method="post" action="buglist.cgi" name="queryform" id="queryform"
+ onsubmit="remove_token()">
[% PROCESS search/form.html.tmpl %]