diff options
author | David Lawrence <dkl@mozilla.com> | 2014-11-04 04:11:09 +0100 |
---|---|---|
committer | Byron Jones <glob@mozilla.com> | 2014-11-04 04:11:09 +0100 |
commit | 4e1941fedbe46bafce9aded3a0a38d272fec37a2 (patch) | |
tree | 633351ada50932ec6b747705b95e0bd04e39f05e /Bugzilla/Auth.pm | |
parent | d6ee5ade172abe24389aca15eba9fe922b5697c7 (diff) | |
download | bugzilla-4e1941fedbe46bafce9aded3a0a38d272fec37a2.tar.gz bugzilla-4e1941fedbe46bafce9aded3a0a38d272fec37a2.tar.xz |
Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf for login forms
Diffstat (limited to 'Bugzilla/Auth.pm')
-rw-r--r-- | Bugzilla/Auth.pm | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm index 2c58b52a8..9f4fb8fa3 100644 --- a/Bugzilla/Auth.pm +++ b/Bugzilla/Auth.pm @@ -168,7 +168,7 @@ sub _handle_login_result { if ($self->{_info_getter}->{successful}->requires_persistence and !Bugzilla->request_cache->{auth_no_automatic_login}) { - $self->{_persister}->persist_login($user); + $user->{_login_token} = $self->{_persister}->persist_login($user); } } elsif ($fail_code == AUTH_ERROR) { |