author | Frédéric Buclin <LpSolit@gmail.com> | 2011-01-24 18:04:59 +0100 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2011-01-24 18:04:59 +0100 |
commit | f6c4abda55c83a53d32d5958cc9c81a602423c89 (patch) | |
tree | 9778fcd7fea9c2fc0bf3b13f68113efa22c7ce3c /extensions/Voting | |
parent | 4ab5bc9f4c4ba4a7b20ebf00466f9b2de67f311d (diff) | |
download | bugzilla-f6c4abda55c83a53d32d5958cc9c81a602423c89.tar.gz bugzilla-f6c4abda55c83a53d32d5958cc9c81a602423c89.tar.xz |
Bug 621107: [SECURITY] Sanity checking lacks CSRF protection
r=dkl a=LpSolit
Diffstat (limited to 'extensions/Voting')
-rw-r--r-- | extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl b/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl index afb81d34c..bbf0350a1 100644 --- a/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl +++ b/extensions/Voting/template/en/default/hook/admin/sanitycheck/messages-statuses.html.tmpl @@ -19,7 +19,8 @@ #%] [% IF san_tag == "voting_cache_rebuild_fix" %] - <a href="sanitycheck.cgi?rebuild_vote_cache=1">Click here to + <a href="sanitycheck.cgi?rebuild_vote_cache=1&token= + [%- issue_hash_token(['sanitycheck']) FILTER uri %]">Click here to rebuild the vote cache</a> [% ELSIF san_tag == "voting_cache_alert" %] |
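Review bot: On the added `<a href="sanitycheck.cgi?rebuild_vote_cache=1&token=` line, the state-changing rebuild is still triggered by a plain GET link, so the token now travels in the URL, where it can end up in browser history, server access logs and Referer headers. Consider turning this link into a small POST form with the token in a hidden field. If it stays a link, the separator inside the attribute should be written `&amp;token=` rather than a bare `&`. The `[%-` chomp on the continuation line correctly keeps the line break out of the URL, and `FILTER uri` is the right filter for a query-string value. This view is limited to `extensions/Voting` and shows only the template side, so please confirm that the `rebuild_vote_cache` branch in `sanitycheck.cgi` rejects requests with a missing or invalid `sanitycheck` token; without that check the token on this link protects nothing.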