author: Byron Jones <glob@mozilla.com>, 2015-08-19 06:59:52 +0200
committer: Byron Jones <glob@mozilla.com>, 2015-08-19 06:59:52 +0200
commit: 4d855c238fe9d98cde01aab62ecf17253ed20e4e (patch)
tree: d13196e809195b1d52c659f2ca5c0c0cfac6ed98 /attachment.cgi
parent: eb35e8e7d642dc16e89d373f37142225327965b8 (diff)
download: bugzilla-4d855c238fe9d98cde01aab62ecf17253ed20e4e.tar.gz, bugzilla-4d855c238fe9d98cde01aab62ecf17253ed20e4e.tar.xz
Bug 1195544 - Information Disclosure Vulnerability Permits Attacker to Obtain the GitHub OAuth Return Code
Diffstat (limited to 'attachment.cgi')
-rwxr-xr-x | attachment.cgi | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/attachment.cgi b/attachment.cgi index d27c89e9f..78023560d 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -315,6 +315,8 @@ sub get_attachment { # Replace %bugid% by the ID of the bug the attachment # belongs to, if present. $attachbase =~ s/\%bugid\%/$bug_id/; + # To avoid leaking information we redirect using the attachment ID only + $path = 'attachment.cgi?' . join('&', map { 'id=' . $attachments{$_}->id } keys %attachments); if (all_attachments_are_public(\%attachments)) { # No need for a token; redirect to attachment base. print $cgi->redirect(-location => $attachbase . $path); |
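Review bot: The new `$path` assignment sits before the `if (all_attachments_are_public(...))` branch, so the non-public (token) branch that follows the visible context must also consume the rebuilt value; that branch is outside this hunk, so please confirm it does not rebuild or re-append the original query string before redirecting, otherwise the leak the comment describes survives on that path. Relatedly, whatever earlier computed `$path` (not shown here) is now dead once this line overwrites it, so either drop that earlier computation or move this construction to where `$path` is first built, to avoid two competing definitions. Minor: the comment "To avoid leaking information" would be more useful to the next reader if it said what must not reach the attachment base host, namely anything from the incoming request other than the attachment ids; and since `keys %attachments` has no defined order, a `sort` would make the generated redirect URL deterministic and easier to test.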