diff options
author | Dylan Hardison <dylan@mozilla.com> | 2016-05-03 15:30:48 +0200 |
---|---|---|
committer | Dylan Hardison <dylan@mozilla.com> | 2016-05-03 15:30:59 +0200 |
commit | 3484d7553d36b38a884619188a160fb6351c0374 (patch) | |
tree | c224d87d983abebfe78f81866dc531266d16bc40 | |
parent | fb321b50db1850f6b3a9a3ababa5913c504acfdf (diff) | |
download | bugzilla-3484d7553d36b38a884619188a160fb6351c0374.tar.gz bugzilla-3484d7553d36b38a884619188a160fb6351c0374.tar.xz |
Bug 1269236 - Incorrect checking of API tokens possibly leads to CSRF and data disclosure vulnerability for insecure accounts
-rw-r--r-- | Bugzilla/Auth/Login/Cookie.pm | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/Bugzilla/Auth/Login/Cookie.pm b/Bugzilla/Auth/Login/Cookie.pm index 0b5842523..0a2386ee9 100644 --- a/Bugzilla/Auth/Login/Cookie.pm +++ b/Bugzilla/Auth/Login/Cookie.pm @@ -64,15 +64,7 @@ sub get_login_info { # If the call is for a web service, and an api token is provided, check # it is valid. if (i_am_webservice()) { - if ($login_cookie - && Bugzilla->usage_mode == USAGE_MODE_REST - && !exists Bugzilla->input_params->{Bugzilla_api_token}) - { - # REST requires an api-token when using cookie authentication - # fall back to a non-authenticated request - $login_cookie = ''; - - } elsif (Bugzilla->input_params->{Bugzilla_api_token}) { + if (exists Bugzilla->input_params->{Bugzilla_api_token}) { my $api_token = Bugzilla->input_params->{Bugzilla_api_token}; my ($token_user_id, undef, undef, $token_type) = Bugzilla::Token::GetTokenData($api_token); @@ -84,6 +76,11 @@ sub get_login_info { } $is_internal = 1; } + elsif ($login_cookie && Bugzilla->usage_mode == USAGE_MODE_REST) { + # REST requires an api-token when using cookie authentication + # fall back to a non-authenticated request + $login_cookie = ''; + } } } |