diff options
author | Dave Lawrence <dlawrence@mozilla.com> | 2012-08-10 22:57:23 +0200 |
---|---|---|
committer | Dave Lawrence <dlawrence@mozilla.com> | 2012-08-10 22:57:23 +0200 |
commit | a05220de2e69d4b6ef212d1f3556fa848b6e1508 (patch) | |
tree | 7383fb335d3db6290f46a81a3397b15c45bcdb70 /Bugzilla/CGI.pm | |
parent | ecc6dfbcde8351fa37d7f7ed09b875d4eadb5027 (diff) | |
download | bugzilla-a05220de2e69d4b6ef212d1f3556fa848b6e1508.tar.gz bugzilla-a05220de2e69d4b6ef212d1f3556fa848b6e1508.tar.xz |
Bug 779088 - Allow extensions to whitelist PATH_INFO
r/a=LpSolit
Diffstat (limited to 'Bugzilla/CGI.pm')
-rw-r--r-- | Bugzilla/CGI.pm | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index cb09c0066..febbff618 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -59,14 +59,20 @@ sub new { # Path-Info is of no use for Bugzilla and interacts badly with IIS. # Moreover, it causes unexpected behaviors, such as totally breaking - # the rendering of pages. Skip it! - print $self->redirect($self->url(-path => 0, -query => 1)) if $self->path_info; + # the rendering of pages. + my $script = basename($0); + if ($self->path_info) { + my @whitelist; + Bugzilla::Hook::process('path_info_whitelist', { whitelist => \@whitelist }); + if (!grep($_ eq $script, @whitelist)) { + print $self->redirect($self->url(-path => 0, -query => 1)); + } + } # Send appropriate charset $self->charset(Bugzilla->params->{'utf8'} ? 'UTF-8' : ''); # Redirect to urlbase/sslbase if we are not viewing an attachment. - my $script = basename($0); if ($self->url_is_attachment_base and $script ne 'attachment.cgi') { $self->redirect_to_urlbase(); } |