summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2006-03-11 10:06:41 +0100
committerlpsolit%gmail.com <>2006-03-11 10:06:41 +0100
commita17c894042669a624c8381fed63babe2e75fdc6d (patch)
tree68ccf13b56e8eb45384630d670890c2ea3589c44
parentc11e84cebad0986b22d0b9d29e0892189f5f8aac (diff)
downloadbugzilla-a17c894042669a624c8381fed63babe2e75fdc6d.tar.gz
bugzilla-a17c894042669a624c8381fed63babe2e75fdc6d.tar.xz
Bug 329334: User::match_field() may redirect you outside your Bugzilla installation - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=myk
-rw-r--r--Bugzilla/User.pm2
1 files changed, 1 insertions, 1 deletions
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 41feb1128..ec69e0494 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -1060,7 +1060,7 @@ sub match_field {
my $template = Bugzilla->template;
my $vars = {};
- $vars->{'script'} = $ENV{'SCRIPT_NAME'}; # for self-referencing URLs
+ $vars->{'script'} = Bugzilla->cgi->url(-relative => 1); # for self-referencing URLs
$vars->{'fields'} = $fields; # fields being matched
$vars->{'matches'} = $matches; # matches that were made
$vars->{'matchsuccess'} = $matchsuccess; # continue or fail