Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master
Commits on Apr 23, 2014
  1. Fix Changes and bump version for 1.07

    Kevin Falcone authored
  2. bump version for 1.06

    Kevin Falcone authored
  3. Mark as deprecated

    Kevin Falcone authored
  4. Die if installed on newer RTs

    Kevin Falcone authored
  5. upgrade MI and MIRTx

    Kevin Falcone authored
Commits on Aug 13, 2013
  1. @tsibley
  2. @tsibley

    Merge branch 'security'

    tsibley authored
Commits on May 31, 2013
  1. @tsibley

    Bump version

    tsibley authored
  2. @tsibley
  3. @tsibley

    Update build toolchain

    tsibley authored
Commits on May 22, 2013
  1. @tsibley
Commits on Aug 27, 2012
  1. Version bump for 1.03 release

    Kevin Falcone authored
  2. infrastructure housekeeping

    Kevin Falcone authored
Commits on Aug 14, 2012
  1. Whitelist /m/tickets/search

    Kevin Falcone authored
    This allows users to bookmark searches from their mobile devices without
    running into the CSRF handler.
Commits on Jul 3, 2012
  1. @alexmv

    Version bump

    alexmv authored
  2. @alexmv

    Merge branch 'security'

    alexmv authored
Commits on Apr 5, 2012
  1. @alexmv

    Ensure that javascript is correctly escaped, for CVE-2011-2083

    alexmv authored
    RT 3.8.12 ensured that user-supplied strings in javascript were properly
    escaped when output, by adding a 'j' Mason filter.  Since we cannot
    depend on having that version of RT, provide and use our own identical
    EscapeJS function, which we use to escape user-supplied strings.
  2. @alexmv

    Include the AHAH javascript for include-in-page CFs

    alexmv authored
    da29e20 added the IncludeContentForValue codepath which calls ahah() in
    javascript, but neglected to add the javascript include that provides
    the ahah() function.  Add it now, which makes the IncludeContentForValue
    functionality work on mobile devices.
  3. @alexmv
  4. @alexmv

    RT 3.8.12 and above escape arguments to <&|/l&>; use loc

    alexmv authored
    In the process of resolving CVE-2011-2083, RT 3.8.12 moved to an
    implementation of the /l component which HTML escapes its arguments, by
    default.  As we cannot be sure which version of /l is currently
    installed without a version check, or a check to the new /l_unsafe,
    simply fall back to an interpolated loc() call instead.
  5. @alexmv

    Use loc for interpolation

    Shawn M Moore authored alexmv committed
  6. @alexmv

    Escape the name of the predefined search that was not found

    Shawn M Moore authored alexmv committed
  7. @alexmv

    Escape subject and links in /m/ticket/create

    Shawn M Moore authored alexmv committed
Commits on Mar 21, 2011
  1. Older version of RT didn't always set a SearchType

    Kevin Falcone authored
    We don't currently have an upgrading script for this and a ton of RT's
    code code works around this by defaulting to an empty SearchType meaning
    that it is a Ticket search.
Commits on Jan 20, 2011
  1. @sunnavy
Commits on Dec 10, 2010
  1. @sunnavy
Commits on Dec 8, 2010
  1. @obra

    Checking in changes prior to tagging of version 1.01.

    obra authored
    Changelog diff is:
    
    diff --git a/Changes b/Changes
    index 59efa24..ab03f3c 100644
    --- a/Changes
    +++ b/Changes
    @@ -1,3 +1,7 @@
    +1.01
    +
    +* Corrected the "Reply" link to default to reply rather than comment
    +
     1.00
    
     * Fixed redirection from mobile UI to normal ticket display
  2. @smithj4 @obra

    The attached patch makes the default action Respond instead of

    smithj4 authored obra committed
    Comment, which now agrees with the link text that says Reply.  With
    Action defaulting to undef, the template was assuming Comment.
Commits on Nov 19, 2010
  1. @obra

    Checking in changes prior to tagging of version 1.00.

    obra authored
    Changelog diff is:
  2. @obra

    update changes for 1.00

    obra authored
Commits on Nov 16, 2010
  1. @sunnavy

    set link to /m/index.html?NotMobile=1 directly to avoid cases where s…

    sunnavy authored
    …erver/browser can't figure it out
Commits on Oct 29, 2010
  1. @obra

    Checking in changes prior to tagging of version 0.99.

    obra authored
    Changelog diff is:
  2. @obra
  3. @obra

    Checking in changes prior to tagging of version 0.98.

    obra authored
    Changelog diff is:
  4. @tsibley

    Add to the Changes file

    tsibley authored
Something went wrong with that request. Please try again.