author | David Lawrence <dlawrence@mozilla.com> | 2011-01-24 20:35:31 +0100 |
---|---|---|
committer | David Lawrence <dlawrence@mozilla.com> | 2011-01-24 20:35:31 +0100 |
commit | ad1e3aef99b806d7f4a5bd18aa0c8cc6102f62e6 (patch) | |
tree | e06da7523a0a54ca0e8f6c7d63185a1d76fa6607 /extensions/Voting/Extension.pm | |
parent | 9244270a7d1ca49e315a98c24d51bf405bfa2880 (diff) | |
Bug 621105 - [SECURITY] Voting lacks CSRF protection
r=mkanat,a=LpSolit
Diffstat (limited to 'extensions/Voting/Extension.pm')
-rw-r--r-- | extensions/Voting/Extension.pm | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/extensions/Voting/Extension.pm b/extensions/Voting/Extension.pm
index d94ff8430..8417e0ec3 100644
--- a/extensions/Voting/Extension.pm
+++ b/extensions/Voting/Extension.pm
@@ -36,6 +36,7 @@ use Bugzilla::Field;
 use Bugzilla::Mailer;
 use Bugzilla::User;
 use Bugzilla::Util qw(detaint_natural);
+use Bugzilla::Token;
 use List::Util qw(min);
@@ -529,6 +530,9 @@ sub _update_votes {
         || ThrowUserError("voting_must_be_nonnegative");
     }
+    my $token = $cgi->param('token');
+    check_hash_token($token, ['vote']);
+
 ############################################################################
 # End Data/Security Validation
 ############################################################################
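Review bot: The new `check_hash_token($token, ['vote'])` call in `_update_votes` carries no comment tying it to the issuing side, and because this diffstat is limited to Extension.pm the template or CGI that must now emit a matching token via `issue_hash_token(['vote'])` is not visible here; a reader of this file alone cannot tell that the data list `['vote']` has to be kept identical at both ends or every vote submission will fail the check. I would add above the two lines `# CSRF guard: the vote form must submit a token issued with issue_hash_token(['vote']); keep the data list in sync with the template.` The token is bound only to the literal 'vote' (plus, as far as I recall from Bugzilla::Token, the current user and site secret), not to the bug ids or vote counts, which is adequate against cross-site forgery but worth stating so nobody later assumes it pins the specific request. Placement is sound as long as the "End Data/Security Validation" banner really marks the first write, since `check_hash_token` must run before any vote rows are touched; `_update_votes` and the `$cgi` it reads both start outside this hunk, so that ordering should be confirmed against the full function.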