Closed
Bug 653406
Opened 13 years ago
Closed 13 years ago
Users with a + in their email address are unable to reset their passwords
Categories
(Bugzilla :: User Accounts, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 3.6
People
(Reporter: justdave, Assigned: glob)
References
Details
Attachments
(3 files, 1 obsolete file)
|
44.29 KB,
image/png
|
Details | |
|
2.13 KB,
patch
|
LpSolit
:
review+
|
Details | Diff | Splinter Review |
|
2.10 KB,
patch
|
glob
:
review+
|
Details | Diff | Splinter Review |
screenshot of error message
Going by the attached error screenshot it looks like a + in an email address is getting unescaped somehow when it shouldn't be (and thus getting treated as a space).
i'm able to create new accounts with a + in the email address, and login as an existing account which contains a +. do you have steps to reproduce?
|
||
Comment 2•13 years ago
|
||
WFM upstream. Maybe the guy typed his email address in the URL bar directly, in which case an unescaped + means a whitespace.
i've tested all points where we throw that error and it's working for me too. nukeador, please reopen this bug if you are still having problems.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → WORKSFORME
|
||
Comment 4•13 years ago
|
||
I have my bugzilla session opened at home and I will be able to answer you guys till it expires, but I'm unable to log in using a clean session, same error. Tested from 2 computer and 2 different browsers. I think the problem is that first I get an error about my password it's less than 8 characters long and then it points me to request a new password: https://bugzilla.mozilla.org/token.cgi?a=reqpw&loginname=my+email@gmail.com Where I get the error and I can't continue or log in.
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
|
Reporter | |
Updated•13 years ago
|
Summary: Users with a + in their email address are unable to access Bugzilla → Users with a + in their email address are unable to reset their passwords
fixes quoting of text in error messages.
Attachment #528892 -
Flags: review?(LpSolit)
Component: General → Bugzilla-General
Product: bugzilla.mozilla.org → Bugzilla
QA Contact: general → default-qa
Version: Current → 4.0
|
|
||
Updated•13 years ago
|
Severity: critical → major
Status: REOPENED → ASSIGNED
Component: Bugzilla-General → User Accounts
Target Milestone: --- → Bugzilla 4.0
|
|
||
Comment 7•13 years ago
|
||
Comment on attachment 528892 [details] [diff] [review] patch for 4.0, v1 You need a separate patch for 4.1, as FILTER url_quote has been killed in favor of FILTER uri (see bug 398701). r=LpSolit for 4.0.2.
Attachment #528892 -
Attachment description: patch v1 → patch for 4.0, v1
Attachment #528892 -
Flags: review?(LpSolit) → review+
Attachment #528909 -
Flags: review?(LpSolit)
Comment on attachment 528909 [details] [diff] [review] patch for 4.1, v1 oops
Attachment #528909 -
Attachment is obsolete: true
Attachment #528909 -
Flags: review?(LpSolit)
|
Assignee | |
Comment 10•13 years ago
|
||
<LpSolit> r+ with the first block removed
Attachment #528910 -
Flags: review+
|
|
||
Updated•13 years ago
|
Flags: approval4.0+
Flags: approval+
|
|
||
Comment 11•13 years ago
|
||
The patch for 4.0 applies cleanly to 3.6.5, so let's take it on this branch too. I know the 3.6 branch is restricted to security bugs, but not being able to log in is a major issue, and we cannot leave users out of the game. Bugzilla 3.4 is not affected.
Flags: approval3.6+
Target Milestone: Bugzilla 4.0 → Bugzilla 3.6
|
|
Reporter | |
Comment 12•13 years ago
|
||
(In reply to comment #11) Agreed
|
|
Assignee | |
Comment 13•13 years ago
|
||
Committing to: bzr+ssh://bjones%40mozilla.com@bzr.mozilla.org/bugzilla/3.6/ modified template/en/default/global/user-error.html.tmpl Committed revision 7248. Committing to: bzr+ssh://bjones%40mozilla.com@bzr.mozilla.org/bugzilla/4.0/ modified template/en/default/global/user-error.html.tmpl Committed revision 7590. Committing to: bzr+ssh://bzr.mozilla.org/bugzilla/trunk/ modified template/en/default/global/user-error.html.tmpl Committed revision 7805.
Status: ASSIGNED → RESOLVED
Closed: 13 years ago → 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•