gavin and i and others would like to be able to write simple urls where we e.g. cc ourselves (or someone else) to a bug by number. today in order to do that, we need to load the bug and submit, otherwise we'd be destroying the bug's summary, status whiteboard, and other flags. syntax: processbug.cgi?mode=additive&cc=timeless@bemail.org&bugid=354320

note, this shouldn't be just for ccing, if i want to change the summary of the bug, i should be able to specify https://bugzilla.mozilla.org/process_bug.cgi?mode=additive&short_desc=process_bug+should+offer+a+mode+where+it+only+makes+changes+based+on+parameters+specified&bugid=354320

Modify bugs with "GET" requests, without checking a form key or a referrer? Sounds like a huge CSRF hazard and violation of HTTP rules.

i'm willing to setup a magic word which is configured in preferences that has to be included in such requests. if the magic word is wrong more than 3 times, the feature is automatically disabled. if people are squemish about users picking guessable magic words we could only allow the user to request a new randomly generated magic word.

Pretend you are making mass changes. That should help a little.

afaik the mass change thing requires me to include lots of &foopy=--DO_NOT_CHANGE-- or something. i want the urls to be simple things i can actually write on my own.

this would work nicely w/ bug 344251 comment 3

Fixed as part of the rewrite of process_bug.cgi and the implementation of $bug->update. email_in.pl in 3.2 works exactly this way. Reassigning to mkanat as he did all the hard work. :)

Despite bug 367914 is still open, the implementation is already fully functional -> FIXED.