diff options
author | bugreport%peshkin.net <> | 2004-07-10 16:12:21 +0200 |
---|---|---|
committer | bugreport%peshkin.net <> | 2004-07-10 16:12:21 +0200 |
commit | a987df219a7aa54ae2429488f9f5655402463dc5 (patch) | |
tree | 5c4c7870574439391143e1c47b38be08686585b3 | |
parent | c50567b310c406567adfc5a510adf080f9d33eb9 (diff) | |
download | bugzilla-a987df219a7aa54ae2429488f9f5655402463dc5.tar.gz bugzilla-a987df219a7aa54ae2429488f9f5655402463dc5.tar.xz |
Bug 235510: Do not expose user password in URL to chart image if login required to access a chart
patch by gerv
r=kiko
a=justdave
-rwxr-xr-x | chart.cgi | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -284,7 +284,8 @@ sub wrap { $vars->{'time'} = time(); $vars->{'imagebase'} = $cgi->canonicalise_query( - "action", "action-wrap", "ctype", "format", "width", "height"); + "action", "action-wrap", "ctype", "format", "width", "height", + "Bugzilla_login", "Bugzilla_password"); print "Content-Type:text/html\n\n"; $template->process("reports/chart.html.tmpl", $vars) |