Making WordPress.org

Opened 11 years ago

Closed 10 years ago

#265 closed defect (bug) (fixed)

Update Trac security warnings

Reported by: nacin's profile nacin Owned by: nacin's profile nacin
Milestone: Priority: normal
Component: Trac Keywords:
Cc:

Description

When you try to submit a ticket in the Security component, Core Trac will display a notice. This has probably helped some, but we still get (often bogus) security reports created sometimes.

We should instead detect words referring to a security issue, then display a checkbox and force them to click it before they can submit the ticket.

Attachments (2)

265.diff (3.7 KB) - added by jorbin 11 years ago.
265.2.diff (3.8 KB) - added by jorbin 11 years ago.

Download all attachments as: .zip

Change History (7)

#1 @nacin
11 years ago

In 218:

Trac: Add JavaScript to detect words probably referring to a security report. props jorbin. see #265.

#2 @nacin
11 years ago

  • Owner set to nacin
  • Resolution set to fixed
  • Status changed from new to closed

In 219:

Trac: Add trac-security.js to /newticket views. fixes #265.

@jorbin
11 years ago

#3 @jorbin
11 years ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

Patch attached is a version that contains passing unit tests https://github.com/aaronjorbin/trac_security

@jorbin
11 years ago

#4 @jorbin
11 years ago

  • Cc jorbin added

#5 @nacin
10 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

In 1058:

Update Trac security script. props jorbin, fixes #265.

Note: See TracTickets for help on using tickets.