Bug 171186 - HTTP "GET" form method and "target=" used wrongly in easy_enter_bug.cgi
Summary: HTTP "GET" form method and "target=" used wrongly in easy_enter_bug.cgi
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Bugzilla
Classification: Community
Component: Bugzilla General
Version: 3.2
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: PnT DevOps Devs
QA Contact: David Lawrence
URL: https://bugzilla.redhat.com/bugzilla/...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-10-19 07:27 UTC by Chris
Modified: 2013-06-24 02:58 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-11-07 16:14:43 UTC
Embargoed:


Attachments (Terms of Use)

Description Chris 2005-10-19 07:27:10 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

Description of problem:
Your web page:-
https://bugzilla.redhat.com/bugzilla/easy_enter_bug.cgi

erases all bugs that get entered if the submitter types more than 4000 characters or so into the form.

This is because the HTTP "GET" protocol cannot submit forms with more than 4096 characters in them.

It also opens up a new page when the "Submit Bug to Bugzilla" button is pressed.  This is wrong - a mistake made because someone incorrectly named a target for the submission somplace.



Version-Release number of selected component (if applicable):
current

How reproducible:
Always

Steps to Reproduce:
1. View source
2. Locate this line:-
<form action="show_bug.cgi" method="get" id="goto">
3. note the method="get" which should be 'method="post"'
  

Actual Results:  new blank window opens up.
bug not submitted

Expected Results:  no new window, bug submitted properly

Additional info:

Bug reporters do not have unlimited patience.
if you fail to capture a bug properly the 1st time, you might not get the opportunity to get info about the bug at all.

Since this includes security-related bugs, correcting this problem should be your highest priority.

Comment 1 David Lawrence 2006-04-08 17:55:01 UTC
Red Hat's current Bugzilla version is 2.18. I am moving all older open bugs to
this version. Any bugs against the older versions will need to be verified that
they are still bugs. This will help me also to sort them better.

Comment 2 David Lawrence 2008-09-16 16:53:48 UTC
Red Hat Bugzilla is now using version 3.2 of the Bugzilla codebase and therefore this bug will need to be re-verified against the new release. With the updated code this bug may no longer be relevant or may have been fixed in the new code.
Updating bug version to 3.2.


Note You need to log in before you can comment on or make changes to this bug.