http://bugzilla.mozilla.org/show_bug.cgi?id=28698 gives "permission denied".
http://bugzilla.mozilla.org/show_activity.cgi?id=28698 is visible.
moving to real milestones...
Created attachment 36416 [details] [diff] [review]
patch to validate bug ID and check permissions to view bug
Created attachment 36433 [details] [diff] [review]
patch that abstracts out bug ID validation
This second patch puts most of the validation code into a separate function in
CGI.pl so it can be used by other scripts that need to do bug ID validation
(like bug 39524, bug 39527, etc.).
The check for the user belonging to the product group is unnecessary. That's
included in the groupset on the bug itself. It is possible to clear the product
group bit on a bug that's in a product that has a group, and this would prevent
people from seeing it then.
Created attachment 36584 [details] [diff] [review]
patch w/o CGI.pl for installations that have already installed the patch for bug 39524
Adding "review" keyword to get these on the radars of reviewers (if they aren't
Fix checked in.
*** Bug 94476 has been marked as a duplicate of this bug. ***
Moving to Bugzilla product