diff options
| author | justdave%syndicomm.com <> | 2001-06-08 05:26:37 +0200 |
|---|---|---|
| committer | justdave%syndicomm.com <> | 2001-06-08 05:26:37 +0200 |
| commit | 982869a3e0b7246d9d05d040716fc1eedffe4e44 (patch) | |
| tree | 6a3736bfecf11687c5f24a95b5c990b4a5bb4023 /CGI.pl | |
| parent | 4e5f26e8d6e9ea7441bb05f477e0c67523f3a7e0 (diff) | |
| download | bugzilla-982869a3e0b7246d9d05d040716fc1eedffe4e44.tar.gz bugzilla-982869a3e0b7246d9d05d040716fc1eedffe4e44.tar.xz | |
Fix for bug 15980: Password is no longer shown in the location bar on the first page you load after logging in.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
Diffstat (limited to 'CGI.pl')
| -rw-r--r-- | CGI.pl | 12 |
1 files changed, 9 insertions, 3 deletions
@@ -20,6 +20,7 @@ # Contributor(s): Terry Weissman <terry@mozilla.org> # Dan Mosedale <dmose@mozilla.org> # Joe Robins <jmrobins@tgix.com> +# Dave Miller <justdave@syndicomm.com> # Contains some global routines used throughout the CGI scripts of Bugzilla. @@ -914,9 +915,14 @@ Content-type: text/html $nexturl = $&; } my $method = "POST"; - if (defined $ENV{"REQUEST_METHOD"} && length($::buffer) > 1) { - $method = $ENV{"REQUEST_METHOD"}; - } +# We always want to use POST here, because we're submitting a password and don't +# want to see it in the location bar in the browser in case a co-worker is looking +# over your shoulder. If you have cookies off and need to bookmark the query, you +# can bookmark it from the screen asking for your password, and it should still +# work. See http://bugzilla.mozilla.org/show_bug.cgi?id=15980 +# if (defined $ENV{"REQUEST_METHOD"} && length($::buffer) > 1) { +# $method = $ENV{"REQUEST_METHOD"}; +# } print " <FORM action=$nexturl method=$method> <table> |