authorFrédéric Buclin <LpSolit@gmail.com>2011-01-24 18:12:29 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2011-01-24 18:12:29 +0100
commit10b4a9266d92269fd48d12d1a6de983858ea9b74 (patch)
treeff5fa498403d5f40f6a68daa5752152ed6f137ea /chart.cgi
parentf6c4abda55c83a53d32d5958cc9c81a602423c89 (diff)
Bug 621108: [SECURITY] Creating/editing charts lacks CSRF protection
r=dkl a=LpSolit
Diffstat (limited to 'chart.cgi')
-rwxr-xr-xchart.cgi8
1 files changed, 6 insertions, 2 deletions
diff --git a/chart.cgi b/chart.cgi
index 12ef8d834..a04cde068 100755
--- a/chart.cgi
+++ b/chart.cgi
@@ -146,6 +146,8 @@ elsif ($action eq "wrap") {
}
elsif ($action eq "create") {
assertCanCreate($cgi);
+ my $token = $cgi->param('token');
+ check_hash_token($token, ['create-series']);
my $series = new Bugzilla::Series($cgi);
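Review bot: The new `check_hash_token($token, ['create-series'])` call is the only thing standing between a forged POST and series creation, yet nothing in the hunk states that it dies on a missing or mismatched token, so a reader cannot tell from here whether an absent `token` parameter fails closed; please confirm that `check_hash_token` rejects an undefined `$token` and add a one-line comment such as `# CSRF guard: check_hash_token() throws if the token is missing or does not match this user.` above the call. Placing the token check after `assertCanCreate($cgi)` is a sensible order, since an unauthorised caller then gets the permission error rather than a token error, and a short comment noting that ordering is deliberate would keep a later refactor from swapping it. Note also that the token is bound only to the literal `'create-series'` and not to the submitted series fields, so within its validity window one token presumably authorises any number of creates for that user; that matches how Bugzilla's hash tokens are generally used but is worth a sentence in the comment. The `@@ -146,6 +146,8 @@` header announces eight new-side lines while only six are visible, so the rendered page appears to have dropped lines from this hunk, and the `elsif ($action eq "create")` block continues past the end of the hunk.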
@@ -164,9 +166,11 @@ elsif ($action eq "edit") {
edit($series);
}
elsif ($action eq "alter") {
- assertCanEdit($series_id);
+ my $series = assertCanEdit($series_id);
+ my $token = $cgi->param('token');
+ check_hash_token($token, [$series->id, $series->name]);
# XXX - This should be replaced by $series->set_foo() methods.
- my $series = new Bugzilla::Series($cgi);
+ $series = new Bugzilla::Series($cgi);
# We need to check if there is _another_ series in the database with
# our (potentially new) name. So we call existsInDatabase() to see if