Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 88241 - Links point back to, leading to inadvertant site changes, registrations, and user frustrations
Summary: Links point back to, leading to inadvertant site changes,...
Alias: None
Product: Bugzilla
Classification: Community
Component: Bugzilla General
Version: 2.17
Hardware: All
OS: Linux
low vote
Target Milestone: ---
Assignee: David Lawrence
QA Contact: David Lawrence
URL: index.cgi
Depends On:
TreeView+ depends on / blocked
Reported: 2003-04-08 03:46 UTC by Kevin R. Pierce
Modified: 2007-04-18 16:52 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2003-04-08 15:11:16 UTC

Attachments (Terms of Use)

Description Kevin R. Pierce 2003-04-08 03:46:38 UTC
Description of problem:
A couple links on index.cgi are setup to point back at redhat, meaning that 
unless they are corrected, users of new installations may end up changing to 
the redhat bugzilla deployment.

Steps to Reproduce:
1. Install Bugzilla
2. Login as Maintainer and set urlbase
3. Logout and browse to index.cgi and check out the links in the lower right 
Actual results:
The links for [relogin] and [add account] are unneccesarily encoded for

Additional info:
We fixed the issue in index.html.tmpl, by removing the absolute reference to

Comment 1 Kevin R. Pierce 2003-04-08 04:00:15 UTC
Here are the actual items from index.cgi
New Account:
Log In:

I believe they should instead be:
New Account: http://createaccount.cgi
Log In: http://query.cgi?GoAheadAndLogIn=1

I do see that redhat is using https, where as we're using http, so I'm not sure 
how that gets handled.

Comment 2 David Lawrence 2003-04-08 15:11:16 UTC
I have hardcoded some of the URL so as to force the use of https for logging in
since this keeps the users password from being passed as plain text. You will
need to fix the hard coded links to match those of your own. Or you can just
remove the part completely leaving only
query.cgi?GoAheadAndLogIn=1 which will work for all installs.

Note You need to log in before you can comment on or make changes to this bug.