author | lpsolit%gmail.com <> | 2005-07-07 20:53:28 +0200 |
---|---|---|
committer | lpsolit%gmail.com <> | 2005-07-07 20:53:28 +0200 |
commit | 73270363b7dabda4406b5ab638ead98a951eebeb (patch) | |
tree | d3e22918e622ad6c8196d35882a7686c0a5d787e | |
parent | 8ef93208df4b0c83acb4d24772b7af062d36ec78 (diff) | |
Bug 268146: mod_security complain: Invalid cookie format: Cookie value is missing #2 - Patch by Marc Schumann <wurblzap@gmail.com> r=kiko a=justdave
-rw-r--r-- | Bugzilla/Auth/Login/WWW/CGI.pm | 8 | ||||
-rw-r--r-- | Bugzilla/CGI.pm | 67 | ||||
-rwxr-xr-x | buglist.cgi | 6 | ||||
-rwxr-xr-x | colchange.cgi | 13 | ||||
-rwxr-xr-x | query.cgi | 3 | ||||
-rw-r--r-- | template/en/default/global/code-error.html.tmpl | 3 |
6 files changed, 67 insertions, 33 deletions
diff --git a/Bugzilla/Auth/Login/WWW/CGI.pm b/Bugzilla/Auth/Login/WWW/CGI.pm index 98fd3a6d3..d117aef47 100644 --- a/Bugzilla/Auth/Login/WWW/CGI.pm +++ b/Bugzilla/Auth/Login/WWW/CGI.pm @@ -232,12 +232,8 @@ sub logout { sub clear_browser_cookies { my $cgi = Bugzilla->cgi; - $cgi->send_cookie(-name => "Bugzilla_login", - -value => "", - -expires => "Tue, 15-Sep-1998 21:49:00 GMT"); - $cgi->send_cookie(-name => "Bugzilla_logincookie", - -value => "", - -expires => "Tue, 15-Sep-1998 21:49:00 GMT"); + $cgi->remove_cookie('Bugzilla_login'); + $cgi->remove_cookie('Bugzilla_logincookie'); } 1; diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index c4433cc62..6f5a6f6d7 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -19,6 +19,7 @@ # # Contributor(s): Bradley Baetz <bbaetz@student.usyd.edu.au> # Byron Jones <bugzilla@glob.com.au> +# Marc Schumann <wurblzap@gmail.com> use strict; @@ -28,6 +29,7 @@ use CGI qw(-no_xhtml -oldstyle_urls :private_tempfiles :unique_headers SERVER_PU use base qw(CGI); +use Bugzilla::Error; use Bugzilla::Util; use Bugzilla::Config; 
@@ -177,21 +179,42 @@ sub multipart_start { sub send_cookie { my $self = shift; - # Add the default path in - unshift(@_, '-path' => Param('cookiepath')); - if (Param('cookiedomain')) - { - unshift(@_, '-domain' => Param('cookiedomain')); + # Move the param list into a hash for easier handling. + my %paramhash; + my @paramlist; + my ($key, $value); + while ($key = shift) { + $value = shift; + $paramhash{$key} = $value; } - # Use CGI::Cookie directly, because CGI.pm's |cookie| method gives the - # current value if there isn't a -value attribute, which happens when - # we're expiring an entry. - require CGI::Cookie; - my $cookie = CGI::Cookie->new(@_); - push @{$self->{Bugzilla_cookie_list}}, $cookie; + # Complain if -value is not given or empty (bug 268146). + if (!exists($paramhash{'-value'}) || !$paramhash{'-value'}) { + ThrowCodeError('cookies_need_value'); + } + + # Add the default path and the domain in. + $paramhash{'-path'} = Param('cookiepath'); + $paramhash{'-domain'} = Param('cookiedomain') if Param('cookiedomain'); + + # Move the param list back into an array for the call to cookie(). + foreach (keys(%paramhash)) { + unshift(@paramlist, $_ => $paramhash{$_}); + } + + push(@{$self->{'Bugzilla_cookie_list'}}, $self->cookie(@paramlist)); +} - return; +# Cookies are removed by setting an expiry date in the past. +# This method is a send_cookie wrapper doing exactly this. +sub remove_cookie { + my $self = shift; + my ($cookiename) = (@_); + + # Expire the cookie, giving a non-empty dummy value (bug 268146). + $self->send_cookie('-name' => $cookiename, + '-expires' => 'Tue, 15-Sep-1998 21:49:00 GMT', + '-value' => 'X'); } # Redirect to https if required 
@@ -256,11 +279,21 @@ Values in C<@exclude> are not included in the result. =item C<send_cookie> -This routine is identical to CGI.pm's C<cookie> routine, except that the cookie -is sent to the browser, rather than returned. This should be used by all -Bugzilla code (instead of C<cookie> or the C<-cookie> argument to C<header>), -so that under mod_perl the headers can be sent correctly, using C<print> or -the mod_perl APIs as appropriate. +This routine is identical to the cookie generation part of CGI.pm's C<cookie> +routine, except that it knows about Bugzilla's cookie_path and cookie_domain +parameters and takes them into account if necessary. +This should be used by all Bugzilla code (instead of C<cookie> or the C<-cookie> +argument to C<header>), so that under mod_perl the headers can be sent +correctly, using C<print> or the mod_perl APIs as appropriate. + +To remove (expire) a cookie, use C<remove_cookie>. + +=item C<remove_cookie> + +This is a wrapper around send_cookie, setting an expiry date in the past, +effectively removing the cookie. + +As its only argument, it takes the name of the cookie to expire. =item C<require_https($baseurl)> diff --git a/buglist.cgi b/buglist.cgi index 40f54cb38..edacd836e 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -707,8 +707,7 @@ if ($order) { else { my $vars = { fragment => $fragment }; if ($order_from_cookie) { - $cgi->send_cookie(-name => 'LASTORDER', - -expires => 'Tue, 15-Sep-1998 21:49:00 GMT'); + $cgi->remove_cookie('LASTORDER'); ThrowCodeError("invalid_column_name_cookie", $vars); } else { @@ -1020,8 +1019,7 @@ if ($format->{'extension'} eq "html") { -expires => 'Fri, 01-Jan-2038 00:00:00 GMT'); } else { - $cgi->send_cookie(-name => 'BUGLIST', - -expires => 'Tue, 15-Sep-1998 21:49:00 GMT'); + $cgi->remove_cookie('BUGLIST'); $vars->{'toolong'} = 1; } diff --git a/colchange.cgi b/colchange.cgi index 11caca423..235da6a01 100755 --- a/colchange.cgi +++ b/colchange.cgi 
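Review bot: The rewritten POD for send_cookie does not mention that the routine now throws the `cookies_need_value` code error when `-value` is missing or empty, which is the behaviour this commit introduces and the reason remove_cookie exists; a sentence after the first paragraph such as `Every cookie must carry a non-empty C<-value>; calling C<send_cookie> without one throws the C<cookies_need_value> code error.` would document it. The POD also names the parameters `cookie_path` and `cookie_domain`, while the code in the same file reads `Param('cookiepath')` and `Param('cookiedomain')`; the documentation should use the names the code uses.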
@@ -97,7 +97,7 @@ if (defined $cgi->param('rememberedquery')) { } } if (defined $cgi->param('splitheader')) { - $splitheader = $cgi->param('splitheader'); + $splitheader = $cgi->param('splitheader')? 1: 0; } } my $list = join(" ", @collist); @@ -106,9 +106,14 @@ if (defined $cgi->param('rememberedquery')) { $cgi->send_cookie(-name => 'COLUMNLIST', -value => $list, -expires => 'Fri, 01-Jan-2038 00:00:00 GMT'); - $cgi->send_cookie(-name => 'SPLITHEADER', - -value => $cgi->param('splitheader'), - -expires => 'Fri, 01-Jan-2038 00:00:00 GMT'); + if ($splitheader) { + $cgi->send_cookie(-name => 'SPLITHEADER', + -value => $splitheader, + -expires => 'Fri, 01-Jan-2038 00:00:00 GMT'); + } + else { + $cgi->remove_cookie('SPLITHEADER'); + } $vars->{'message'} = "change_columns"; $vars->{'redirect_url'} = "buglist.cgi?".$cgi->param('rememberedquery'); @@ -100,8 +100,7 @@ if ($userid) { } $dbh->bz_unlock_tables(); } - $cgi->send_cookie(-name => $cookiename, - -expires => "Fri, 01-Jan-2038 00:00:00 GMT"); + $cgi->remove_cookie($cookiename); } } } diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl index d12036cd7..d54163bd8 100644 --- a/template/en/default/global/code-error.html.tmpl +++ b/template/en/default/global/code-error.html.tmpl @@ -86,6 +86,9 @@ Charts will not work without the Chart::Lines Perl module being installed. Run checksetup.pl for installation instructions. + [% ELSIF error == "cookies_need_value" %] + Every cookie must have a value. + [% ELSIF error == "field_type_mismatch" %] Cannot seem to handle <code>[% field FILTER html %]</code> and <code>[% type FILTER html %]</code> together. |
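Review bot: The changed line in the first colchange.cgi hunk, `$splitheader = $cgi->param('splitheader')? 1: 0;`, has uneven spacing around the ternary; write it `$splitheader = $cgi->param('splitheader') ? 1 : 0;`. Normalising to 1/0 is what lets the second colchange.cgi hunk choose between sending and removing the SPLITHEADER cookie, so a comment above the line, `# Normalise to 1/0 so the cookie is only sent when the header is split (bug 268146).`, would tie the two hunks together. The enclosing `if (defined $cgi->param('rememberedquery'))` block and the declaration of `$splitheader` lie outside the hunk, so what `$splitheader` holds when the form omits `splitheader` cannot be confirmed from here.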