On Wed, May 20, 2009 at 6:05 AM, Igor Tarasov tarasov.igor@gmail.com wrote:
attachment.cgi shows that it relies on allow_attachment_display parameter in bugzilla configuration. It has to be set to true.
-- Igor
Can a bugzilla admin please enable this?
OK, it is now enabled.
-Newman
Austin English wrote:
On Wed, May 20, 2009 at 6:05 AM, Igor Tarasov tarasov.igor@gmail.com wrote:
attachment.cgi shows that it relies on allow_attachment_display parameter in bugzilla configuration. It has to be set to true.
-- Igor
Can a bugzilla admin please enable this?
Hey Jeremy. The allow_attachment_display parameter has a detailed description that notes that you are opening a security hole if you set it without setting another parameter (which you haven't set). Did you read the description of the parameter?
-Max
The parameter has been set, as well as the cookie domain param.
-Newman
Max Kanat-Alexander wrote:
Hey Jeremy. The allow_attachment_display parameter has a detaileddescription that notes that you are opening a security hole if you set it without setting another parameter (which you haven't set). Did you read the description of the parameter?
-Max
Hey Jeremy. Which parameter, attachment_base or allow_attachment_display? And do you mean that you unset the cookiedomain parameter, or...? (Usually cookiedomain shouldn't be set at all.)
-Max
Jeremy Newman wrote:
The parameter has been set, as well as the cookie domain param.
-Newman
Max Kanat-Alexander wrote:
Hey Jeremy. The allow_attachment_display parameter has a detaileddescription that notes that you are opening a security hole if you set it without setting another parameter (which you haven't set). Did you read the description of the parameter?
-Max
-
Austin English -
Jeremy Newman -
Max Kanat-Alexander