Bug 779088 - Allow extensions to whitelist PATH_INFO

r/a=LpSolit

2 files changed, 25 insertions, 3 deletions

diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index cb09c0066..febbff618 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -59,14 +59,20 @@ sub new {
 
     # Path-Info is of no use for Bugzilla and interacts badly with IIS.
     # Moreover, it causes unexpected behaviors, such as totally breaking
-    # the rendering of pages. Skip it!
-    print $self->redirect($self->url(-path => 0, -query => 1)) if $self->path_info;
+    # the rendering of pages.
+    my $script = basename($0);
+    if ($self->path_info) {
+        my @whitelist;
+        Bugzilla::Hook::process('path_info_whitelist', { whitelist => \@whitelist });
+        if (!grep($_ eq $script, @whitelist)) {
+            print $self->redirect($self->url(-path => 0, -query => 1));
+        }
+    }
 
     # Send appropriate charset
     $self->charset(Bugzilla->params->{'utf8'} ? 'UTF-8' : '');
 
     # Redirect to urlbase/sslbase if we are not viewing an attachment.
-    my $script = basename($0);
     if ($self->url_is_attachment_base and $script ne 'attachment.cgi') {
         $self->redirect_to_urlbase();
     }
diff --git a/Bugzilla/Hook.pm b/Bugzilla/Hook.pm
index 730170663..3b8b52805 100644
--- a/Bugzilla/Hook.pm
+++ b/Bugzilla/Hook.pm
@@ -1289,6 +1289,22 @@ your template.
 
 =back
 
+=head2 path_info_whitelist
+
+By default, Bugzilla removes the Path-Info information from URLs before
+passing data to CGI scripts. If this information is needed for your
+customizations, you can enumerate the pages you want to whitelist here.
+
+Params:
+
+=over
+
+=item C<whitelist>
+
+An array of script names that will not have their Path-Info automatically
+removed.
+
+=back
 
 =head2 post_bug_after_creation