mozilla-bteam · dklawren · Mar 5, 2026 · Mar 5, 2026
diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm
@@ -970,30 +970,8 @@ sub _sql {
     $timeout_comment = "/*+ MAX_EXECUTION_TIME($ms) */";
   }
 
-  # Add some user information to the SQL so we can pinpoint where some
-  # slow running queries originate and help to refine the searches.
-  my $cgi          = Bugzilla->cgi;
-  my $remote_ip    = remote_ip();
-  my $user_agent   = $cgi->user_agent || $cgi->script_name;
-  my $query_string = $cgi->canonicalize_query();
-
-  # Sanitize user-controlled fields to prevent SQL injection in user agent
-  # and query parameters
-  for ($user_agent, $query_string) {
-      # Remove SQL comment terminators and newlines
-      s/[*]//g;
-      s/[\r\n]+/ /g;
-      s/[^\x20-\x7E]/ /g; # Replace non-printable characters with space
-  }
-
   my $query = <<"END";
-/*
-user-id: $user_id
-remote-ip: $remote_ip
-user-agent: $user_agent
-query-string: $query_string
-*/
-  SELECT $timeout_comment $select
+SELECT $timeout_comment $select
   FROM $from
  WHERE $where
 $group_by$order_by$limit

diff --git a/t/007util.t b/t/007util.t
@@ -166,4 +166,4 @@ $past = $now->clone->subtract(days => 2);
 is(time_ago($past), '2 days ago', 'time_ago(DateTime 2 days ago) returns "2 days ago"');
 
 $past = $now->clone->subtract(months => 1);
-like(time_ago($past), qr/^(1 month|2[89]|3[01] days) ago$/, 'time_ago(DateTime 1 month ago) is reasonable');
+like(time_ago($past), qr/^(1 month|(2[89]|3[01]) days) ago$/, 'time_ago(DateTime 1 month ago) is reasonable');