author | Byron Jones ‹:glob› <glob@mozilla.com> | 2015-11-25 15:22:06 +0100 |
---|---|---|
committer | Dylan Hardison <dylan@mozilla.com> | 2015-11-25 15:22:06 +0100 |
commit | 7880de802f69a58f2a7d7090944db394469bcda7 (patch) | |
tree | 41eb59885f95a04c402e28294b1d8c83618925c1 | |
parent | fe886c6a2ab07d5db20fad555263acd69302f1b0 (diff) | |
download | bugzilla-7880de802f69a58f2a7d7090944db394469bcda7.tar.gz bugzilla-7880de802f69a58f2a7d7090944db394469bcda7.tar.xz |
Bug 1227866 - infinite loop consuming resources when PATH_INFO set
-rw-r--r-- | Bugzilla/CGI.pm | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 4deb5aa52..d24722fcc 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -375,7 +375,7 @@ sub header {
 # To initiate github login, a form POSTs to github.cgi with the
 # github_secret as a parameter. It must match the github_secret cookie.
 # this prevents some types of redirection attacks.
- unless ($user->id) {
+ unless ($user->id || $self->{bz_redirecting}) {
 $self->send_cookie(-name => 'github_secret',
 -value => Bugzilla->github_secret,
 -httponly => 1);
@@ -524,6 +524,14 @@ sub remove_cookie {
 '-value' => 'X');
 }
 
+# To avoid infinite redirection recursion, track when we're within a redirect
+# request.
+sub redirect {
+ my $self = shift;
+ $self->{bz_redirecting} = 1;
+ return $self->SUPER::redirect(@_);
+}
+
 # This helps implement Bugzilla::Search::Recent, and also shortens search
 # URLs that get POSTed to buglist.cgi.
 sub redirect_search_url { |
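Review bot: The new `$self->{bz_redirecting}` term in the `unless` is unexplained at its point of use; the three comment lines above it still describe only the github_secret cookie, so a reader of header() cannot tell why a redirect response skips it. I would add a line such as `# Skipped while redirect() is running, to stop header() re-entering itself (bug 1227866).` The exact re-entry path is not visible in this hunk, so the author should confirm the wording. Because the cookie is described as a defence against redirection attacks, it is also worth confirming that the github login form is never delivered by a redirect response, which will now go out without the cookie. header() begins and ends outside the hunk.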
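Review bot: `bz_redirecting` is set in redirect() and never cleared, so any later header() call on the same object would also skip the github_secret cookie for a logged-out user. Assuming the re-entry happens while SUPER::redirect is running, scoping the flag to that call keeps the guard without the lasting side effect: `local $self->{bz_redirecting} = 1;`. Whether the object is reused after a redirect is not visible here, so the current form may be harmless today, but the dynamic scope states the intent. A regression test that requests a script with PATH_INFO set and expects a single redirect response would keep this resource-exhaustion bug from returning.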