diff options
| author | Dylan Hardison <dylan@mozilla.com> | 2016-03-10 04:12:31 +0100 |
|---|---|---|
| committer | Dylan Hardison <dylan@mozilla.com> | 2016-03-10 04:12:31 +0100 |
| commit | 9cc89d34f79d1a326e5c792722163d5908a97c13 (patch) | |
| tree | 3dc2a45f0826439fc6ea814197173a1fbb30b378 /auth.cgi | |
| parent | ad2b169b0b40aa53bfacb8a7cfb89631134a865d (diff) | |
| download | bugzilla-9cc89d34f79d1a326e5c792722163d5908a97c13.tar.gz bugzilla-9cc89d34f79d1a326e5c792722163d5908a97c13.tar.xz | |
Bug 1254227 - MozReview auth delegation allows sending out phishing mails via Bugzilla
Diffstat (limited to 'auth.cgi')
| -rwxr-xr-x | auth.cgi | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -39,14 +39,19 @@ my $description = $cgi->param('description') or ThrowUserError("auth_delegation_ trick_taint($callback); trick_taint($description); +ThrowUserError("auth_delegation_invalid_description") + unless $description =~ /^[\w\s]{3,255}$/; + my $callback_uri = URI->new($callback); my $callback_base = $callback_uri->clone; $callback_base->query(undef); +my $app_id = sha256_hex($callback_base, $description); my $skip_confirmation = 0; my %args = ( skip_confirmation => \$skip_confirmation, callback => $callback_uri, description => $description, + app_id => $app_id, callback_base => $callback_base ); Bugzilla::Hook::process('auth_delegation_confirm', \%args); @@ -64,7 +69,6 @@ if ($confirmed || $skip_confirmation) { { token => $token, callback => $callback }); } } - my $app_id = sha256_hex($callback_base, $description); my $keys = Bugzilla::User::APIKey->match({ user_id => $user->id, app_id => $app_id, |