Permalink
Commits on Apr 23, 2014
  1. bump version for 1.06

    jibsheet committed Apr 23, 2014
  2. Mark as deprecated

    jibsheet committed Apr 23, 2014
  3. upgrade MI and MIRTx

    jibsheet committed Apr 23, 2014
Commits on Aug 13, 2013
  1. Merge branch 'security'

    tsibley committed Aug 13, 2013
Commits on May 31, 2013
  1. Bump version

    tsibley committed May 31, 2013
  2. Update build toolchain

    tsibley committed May 31, 2013
Commits on May 22, 2013
Commits on Aug 27, 2012
  1. infrastructure housekeeping

    jibsheet committed Aug 27, 2012
Commits on Aug 14, 2012
  1. Whitelist /m/tickets/search

    jibsheet committed Aug 14, 2012
    This allows users to bookmark searches from their mobile devices without
    running into the CSRF handler.
Commits on Jul 3, 2012
  1. Version bump

    alexmv committed Jul 3, 2012
  2. Merge branch 'security'

    alexmv committed Jul 3, 2012
Commits on Apr 5, 2012
  1. Ensure that javascript is correctly escaped, for CVE-2011-2083

    alexmv committed Apr 5, 2012
    RT 3.8.12 ensured that user-supplied strings in javascript were properly
    escaped when output, by adding a 'j' Mason filter.  Since we cannot
    depend on having that version of RT, provide and use our own identical
    EscapeJS function, which we use to escape user-supplied strings.
  2. Include the AHAH javascript for include-in-page CFs

    alexmv committed Apr 5, 2012
    da29e20 added the IncludeContentForValue codepath which calls ahah() in
    javascript, but neglected to add the javascript include that provides
    the ahah() function.  Add it now, which makes the IncludeContentForValue
    functionality work on mobile devices.
  3. RT 3.8.12 and above escape arguments to <&|/l&>; use loc

    alexmv committed Apr 5, 2012
    In the process of resolving CVE-2011-2083, RT 3.8.12 moved to an
    implementation of the /l component which HTML escapes its arguments, by
    default.  As we cannot be sure which version of /l is currently
    installed without a version check, or a check to the new /l_unsafe,
    simply fall back to an interpolated loc() call instead.
  4. Use loc for interpolation

    sartak authored and alexmv committed May 5, 2011
Commits on Mar 21, 2011
  1. Older version of RT didn't always set a SearchType

    jibsheet committed Mar 21, 2011
    We don't currently have an upgrading script for this and a ton of RT's
    code code works around this by defaulting to an empty SearchType meaning
    that it is a Ticket search.
Commits on Jan 20, 2011
Commits on Dec 10, 2010
Commits on Dec 8, 2010
  1. Checking in changes prior to tagging of version 1.01.

    obra committed Dec 8, 2010
    Changelog diff is:
    
    diff --git a/Changes b/Changes
    index 59efa24..ab03f3c 100644
    --- a/Changes
    +++ b/Changes
    @@ -1,3 +1,7 @@
    +1.01
    +
    +* Corrected the "Reply" link to default to reply rather than comment
    +
     1.00
    
     * Fixed redirection from mobile UI to normal ticket display
  2. The attached patch makes the default action Respond instead of

    smithj4 authored and obra committed Dec 8, 2010
    Comment, which now agrees with the link text that says Reply.  With
    Action defaulting to undef, the template was assuming Comment.
Commits on Nov 19, 2010
  1. Checking in changes prior to tagging of version 1.00.

    obra committed Nov 19, 2010
    Changelog diff is:
  2. update changes for 1.00

    obra committed Nov 19, 2010
Commits on Nov 16, 2010
  1. set link to /m/index.html?NotMobile=1 directly to avoid cases where s…

    sunnavy committed Nov 16, 2010
    …erver/browser can't figure it out
Commits on Oct 29, 2010
  1. Checking in changes prior to tagging of version 0.99.

    obra committed Oct 29, 2010
    Changelog diff is:
  2. Checking in changes prior to tagging of version 0.98.

    obra committed Oct 28, 2010
    Changelog diff is:
  3. Add to the Changes file

    tsibley committed Oct 29, 2010