Bug 447765
| Summary: | Sanitize email addresses from bug reports, attachments, activity for non-logged-in users | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | [Community] Bugzilla | Reporter: | David Lawrence <dkl> | ||||||||
| Component: | User Interface | Assignee: | David Lawrence <dkl> | ||||||||
| Status: | CLOSED NEXTRELEASE | QA Contact: | |||||||||
| Severity: | low | Docs Contact: | |||||||||
| Priority: | low | ||||||||||
| Version: | 3.2 | CC: | kevin, ohtmvyyn | ||||||||
| Target Milestone: | --- | ||||||||||
| Target Release: | --- | ||||||||||
| Hardware: | All | ||||||||||
| OS: | Linux | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2008-05-29 15:35:47 UTC | Type: | --- | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Bug Depends On: | |||||||||||
| Bug Blocks: | 406071 | ||||||||||
| Attachments: |
|
||||||||||
|
Description
David Lawrence
2008-05-21 17:48:47 UTC
Created attachment 306312 [details]
Patch to sanitize email addresses for anonymous users (v1)
Attaching patch to sanitize email addresses for anonymous users. Please look it
over for any issues. Also I may have missed some places where email addresses
occur so please let me know if you find other places.
Thanks
Dave
*** Bug 447677 has been marked as a duplicate of this bug. *** Hi Dave ,, The patch looks good and i think it covered all places,, however it is giving me an error in the buglist.cgi as the following: The custom sort order specified in your cookie contains an invalid column name map_assigned_to.login_name. The cookie has been cleared. It has to do with the columns hash that you changed in Bugzilla/Search.pm other than that it is working perfectly everywhere else Thanks, Noura Created attachment 306553 [details]
Patch to sanitize email addresses for anonymous users (v2)
Thanks for the review Noura. Attaching a new patch the fixes the order
cookie/formvar to properly remap map_*.login_name to map_*.realname if the user
is not logged in. This should get rid of the error that you were getting.
Please review
Thanks
Dave
Committed to CVS. Want to get this in thursdays update. Dave Comment on attachment 306553 [details]
Patch to sanitize email addresses for anonymous users (v2)
Hi Dave,
Sorry for the late review the patch looks good, and that error now disappeared,
however there were couple of things for the webservice interface i am attaching
a patch for that.
Noura
Created attachment 307006 [details]
patch to fix bugzilla.getBug and bugzilla.getProdCompDetails
Attached is a patch to make some modification to bugzilla.getBug basically i
made use of the %items hash that was not used properly and deleted the
login_name from the comments if the user was not logged in. also made a little
fix to the bugzilla.getProdCompDetails where it was using wrong key name for
the realnames.
Please review.
Thanks,
Noura
Comment on attachment 307006 [details] patch to fix bugzilla.getBug and bugzilla.getProdCompDetails > foreach my $key ( keys %custom_field_return_map ) { > my $field = $custom_field_return_map{$key}; >- $bug->{$key} = $bug->{$field} if defined $bug->{$field}; >+ $item{$key} = $bug->{$field} if defined $bug->{$field}; > delete $bug->{$field}; > } Looks good Noura. Works as expected. Nit-pick: Do we need to do the 'delete $bug->{$field};' anymore since you are no longer returning $bug? Otherwise harmless. Feel free to check in. Dave cool i have deleted that line Dave and committed to cvs. Thanks, Noura Pushed to partner-bugzilla. Closing. Dave *** Bug 486766 has been marked as a duplicate of this bug. *** |