'Submit only my new comment' leads to Suspicious Action

RESOLVED FIXED in Bugzilla 3.4

Status

()

Bugzilla
Creating/Changing Bugs
RESOLVED FIXED
8 years ago
8 years ago

People

(Reporter: Reinout van Schouwen, Assigned: Frédéric Buclin)

Tracking

3.4.1
Bugzilla 3.4
Bug Flags:
approval +
approval3.4 +
blocking3.4.3 +

Details

(URL)

Attachments

(1 attachment)

(Reporter)

Description

8 years ago
Forwarded from Gnome bug 593912:
------------------------------------------------------------------------
I had a mid-air collision while adding a comment to bug 503968. Xan had added a
comment before me. I chose 'Submit only my new comment'. This lead me to a
'Suspicious Action' error page with the following warning:
===
It looks like you didn't come from the right page. One reason could be that you
entered the URL in the address bar of your web browser directly, which should
be safe. Another reason could be that you clicked on a URL which redirected you
here without your consent.

Are you sure you want to commit these changes? 
===

The expected result would be that my comment is added without overwriting Xan's
comment.
---------------------------------------------------------------------------
(Assignee)

Updated

8 years ago
Flags: blocking3.4.2+
OS: Linux → All
Hardware: x86 → All
Target Milestone: --- → Bugzilla 3.4
(Assignee)

Updated

8 years ago
Flags: blocking3.4.2+ → blocking3.4.3+
(Assignee)

Comment 1

8 years ago
Created attachment 402120 [details] [diff] [review]
patch, v1

We forgot to pass the token back to process_bug.cgi.
Assignee: create-and-change → LpSolit
Status: NEW → ASSIGNED
Attachment #402120 - Flags: review?(dkl)

Updated

8 years ago
Attachment #402120 - Flags: review?(dkl) → review+
Comment on attachment 402120 [details] [diff] [review]
patch, v1

Works for me as expected. r=dkl
(Assignee)

Comment 3

8 years ago
3.2 is not affected as this feature doesn't exist there.
Flags: approval3.4+
Flags: approval+
(Assignee)

Comment 4

8 years ago
tip:

Checking in template/en/default/bug/process/midair.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/process/midair.html.tmpl,v  <--  midair.html.tmpl
new revision: 1.25; previous revision: 1.24
done

3.4.2:

Checking in template/en/default/bug/process/midair.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/process/midair.html.tmpl,v  <--  midair.html.tmpl
new revision: 1.23.2.1; previous revision: 1.23
done
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.