Mercurial Mercurial > pub > hg > cubicweb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
web/views/management.py
branchstable
changeset 8605 797fc2e2fb78
parent 8604 7bacc4f21edc
child 8666 1dd655788ece 
--- a/web/views/management.py	Wed Nov 28 11:44:15 2012 +0100
+++ b/web/views/management.py	Tue Nov 27 14:48:03 2012 +0100
@@ -20,6 +20,7 @@
 __docformat__ = "restructuredtext en"
 _ = unicode
 
+
 from logilab.mtconverter import xml_escape
 from logilab.common.registry import yes
 
@@ -148,6 +149,8 @@
             form.add_hidden('description', binfo,
                             # we must use a text area to keep line breaks
                             widget=wdgs.TextArea({'class': 'hidden'}))
+            # add a signature so one can't send arbitrary text
+            form.add_hidden('__signature', req.vreg.config.sign_text(binfo))
             form.add_hidden('__bugreporting', '1')
             form.form_buttons = [wdgs.SubmitButton(MAIL_SUBMIT_MSGID)]
             form.action = req.build_url('reportbug')
cubicweb