diff options
| author | Dave Lawrence <dlawrence@mozilla.com> | 2012-05-01 17:37:15 +0200 |
|---|---|---|
| committer | Dave Lawrence <dlawrence@mozilla.com> | 2012-05-01 17:37:15 +0200 |
| commit | b9ce8358e9822243421a37548e3d1f0371b97455 (patch) | |
| tree | 37e983d92587ee30f93c35109200567e499ec491 /buglist.cgi | |
| parent | 228c7bf9ea03a5faafe22f003e5d56da1b7b2162 (diff) | |
| parent | 07c6bfa4cea83c8284b04add26729f552c93bafc (diff) | |
| download | bugzilla-b9ce8358e9822243421a37548e3d1f0371b97455.tar.gz bugzilla-b9ce8358e9822243421a37548e3d1f0371b97455.tar.xz | |
merged with bugzilla/4.2
Diffstat (limited to 'buglist.cgi')
| -rwxr-xr-x | buglist.cgi | 23 |
1 files changed, 9 insertions, 14 deletions
diff --git a/buglist.cgi b/buglist.cgi index d2f9a6904..6236a5669 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -113,16 +113,6 @@ if (defined $cgi->param('ctype') && $cgi->param('ctype') eq "rss") { $cgi->param('ctype', "atom"); } -# The js ctype presents a security risk; a malicious site could use it -# to gather information about secure bugs. So, we only allow public bugs to be -# retrieved with this format. -# -# Note that if and when this call clears cookies or has other persistent -# effects, we'll need to do this another way instead. -if ((defined $cgi->param('ctype')) && ($cgi->param('ctype') eq "js")) { - Bugzilla->logout_request(); -} - # An agent is a program that automatically downloads and extracts data # on its user's behalf. If this request comes from an agent, we turn off # various aspects of bug list functionality so agent requests succeed @@ -229,7 +219,9 @@ sub LookupNamedQuery { $query->url || ThrowUserError("buglist_parameters_required"); - return wantarray ? ($query->url, $query->id) : $query->url; + # Detaint $sharer_id. + $sharer_id = $query->user->id if $sharer_id; + return wantarray ? ($query->url, $query->id, $sharer_id) : $query->url; } # Inserts a Named Query (a "Saved Search") into the database, or @@ -348,6 +340,7 @@ sub _close_standby_message { my $cmdtype = $cgi->param('cmdtype') || ''; my $remaction = $cgi->param('remaction') || ''; +my $sharer_id; # Backwards-compatibility - the old interface had cmdtype="runnamed" to run # a named command, and we can't break this because it's in bookmarks. @@ -384,8 +377,9 @@ $filename =~ s/"/\\"/g; # escape quotes if ($cmdtype eq "dorem") { if ($remaction eq "run") { my $query_id; - ($buffer, $query_id) = LookupNamedQuery(scalar $cgi->param("namedcmd"), - scalar $cgi->param('sharer_id')); + ($buffer, $query_id, $sharer_id) = + LookupNamedQuery(scalar $cgi->param("namedcmd"), + scalar $cgi->param('sharer_id')); # If this is the user's own query, remember information about it # so that it can be modified easily. $vars->{'searchname'} = $cgi->param('namedcmd'); @@ -775,7 +769,8 @@ if ($format->{'extension'} eq 'html' && !defined $params->param('limit')) { # Generate the basic SQL query that will be used to generate the bug list. my $search = new Bugzilla::Search('fields' => \@selectcolumns, 'params' => scalar $params->Vars, - 'order' => \@orderstrings); + 'order' => \@orderstrings, + 'sharer' => $sharer_id); my $query = $search->sql; $vars->{'search_description'} = $search->search_description; |