summaryrefslogtreecommitdiffstats
path: root/extensions/Voting
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2011-01-24 18:04:59 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2011-01-24 18:04:59 +0100
commitf6c4abda55c83a53d32d5958cc9c81a602423c89 (patch)
tree9778fcd7fea9c2fc0bf3b13f68113efa22c7ce3c /extensions/Voting
parent4ab5bc9f4c4ba4a7b20ebf00466f9b2de67f311d (diff)
downloadbugzilla-f6c4abda55c83a53d32d5958cc9c81a602423c89.tar.gz
bugzilla-f6c4abda55c83a53d32d5958cc9c81a602423c89.tar.xz
Bug 621107: [SECURITY] Sanity checking lacks CSRF protection
r=dkl a=LpSolit
Diffstat (limited to 'extensions/Voting')
-rw-r--r--extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl3
1 files changed, 2 insertions, 1 deletions
diff --git a/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl b/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl
index afb81d34c..bbf0350a1 100644
--- a/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl
+++ b/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl
@@ -19,7 +19,8 @@
#%]
[% IF san_tag == "voting_cache_rebuild_fix" %]
- <a href="sanitycheck.cgi?rebuild_vote_cache=1">Click here to
+ <a href="sanitycheck.cgi?rebuild_vote_cache=1&amp;token=
+ [%- issue_hash_token(['sanitycheck']) FILTER uri %]">Click here to
rebuild the vote cache</a>
[% ELSIF san_tag == "voting_cache_alert" %]