Bug 171186 - HTTP "GET" form method and "target=" used wrongly in easy_enter_bug.cgi
HTTP "GET" form method and "target=" used wrongly in easy_enter_bug.cgi
Product: Bugzilla
Classification: Community
Component: Bugzilla General (Show other bugs)
All Linux
medium Severity medium (vote)
: ---
: ---
Assigned To: PnT DevOps Devs
David Lawrence
: Security
Depends On:
  Show dependency treegraph
Reported: 2005-10-19 03:27 EDT by Chris
Modified: 2013-06-23 22:58 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-11-07 11:14:43 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Chris 2005-10-19 03:27:10 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

Description of problem:
Your web page:-

erases all bugs that get entered if the submitter types more than 4000 characters or so into the form.

This is because the HTTP "GET" protocol cannot submit forms with more than 4096 characters in them.

It also opens up a new page when the "Submit Bug to Bugzilla" button is pressed.  This is wrong - a mistake made because someone incorrectly named a target for the submission somplace.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. View source
2. Locate this line:-
<form action="show_bug.cgi" method="get" id="goto">
3. note the method="get" which should be 'method="post"'

Actual Results:  new blank window opens up.
bug not submitted

Expected Results:  no new window, bug submitted properly

Additional info:

Bug reporters do not have unlimited patience.
if you fail to capture a bug properly the 1st time, you might not get the opportunity to get info about the bug at all.

Since this includes security-related bugs, correcting this problem should be your highest priority.
Comment 1 David Lawrence 2006-04-08 13:55:01 EDT
Red Hat's current Bugzilla version is 2.18. I am moving all older open bugs to
this version. Any bugs against the older versions will need to be verified that
they are still bugs. This will help me also to sort them better.
Comment 2 David Lawrence 2008-09-16 12:53:48 EDT
Red Hat Bugzilla is now using version 3.2 of the Bugzilla codebase and therefore this bug will need to be re-verified against the new release. With the updated code this bug may no longer be relevant or may have been fixed in the new code.
Updating bug version to 3.2.

Note You need to log in before you can comment on or make changes to this bug.