514378 - 'Submit only my new comment' leads to Suspicious Action

Status: RESOLVED FIXED

(Bugzilla :: Creating/Changing Bugs, defect)

Description

[Reinout van Schouwen]

Forwarded from Gnome bug 593912:
------------------------------------------------------------------------
I had a mid-air collision while adding a comment to bug 503968. Xan had added a
comment before me. I chose 'Submit only my new comment'. This lead me to a
'Suspicious Action' error page with the following warning:
===
It looks like you didn't come from the right page. One reason could be that you
entered the URL in the address bar of your web browser directly, which should
be safe. Another reason could be that you clicked on a URL which redirected you
here without your consent.

Are you sure you want to commit these changes? 
===

The expected result would be that my comment is added without overwriting Xan's
comment.
---------------------------------------------------------------------------

Comment 1

[Frédéric Buclin]

Attachment: patch, v1

We forgot to pass the token back to process_bug.cgi.

Comment 2

[David Lawrence [:dkl]]

Comment on attachment 402120 [details] [diff] [review]
patch, v1

Works for me as expected. r=dkl

Comment 3

[Frédéric Buclin]

3.2 is not affected as this feature doesn't exist there.

Comment 4

[Frédéric Buclin]

tip:

Checking in template/en/default/bug/process/midair.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/process/midair.html.tmpl,v  <--  midair.html.tmpl
new revision: 1.25; previous revision: 1.24
done

3.4.2:

Checking in template/en/default/bug/process/midair.html.tmpl;
/cvsroot/mozilla/webtools/bugzilla/template/en/default/bug/process/midair.html.tmpl,v  <--  midair.html.tmpl
new revision: 1.23.2.1; previous revision: 1.23
done