diff options
author | Byron Jones <bjones@mozilla.com> | 2013-03-21 06:09:12 +0100 |
---|---|---|
committer | Byron Jones <bjones@mozilla.com> | 2013-03-21 06:09:12 +0100 |
commit | 39f125ca3b0dcd3e1d7318de2e193e4335a4b9a1 (patch) | |
tree | 16341dbdac3ae9a8c2fdeceeaf28a0a247b028ab /extensions | |
parent | 4025fe8be55ed10613cf528bf698084415f8cb85 (diff) | |
download | bugzilla-39f125ca3b0dcd3e1d7318de2e193e4335a4b9a1.tar.gz bugzilla-39f125ca3b0dcd3e1d7318de2e193e4335a4b9a1.tar.xz |
Bug 853314: unable to edit bugzilla push options - insecure dependency
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/Push/lib/Admin.pm | 3 | ||||
-rw-r--r-- | extensions/Push/lib/BacklogMessage.pm | 4 | ||||
-rw-r--r-- | extensions/Push/lib/Backoff.pm | 4 | ||||
-rw-r--r-- | extensions/Push/lib/LogEntry.pm | 4 | ||||
-rw-r--r-- | extensions/Push/lib/Message.pm | 4 |
5 files changed, 18 insertions, 1 deletions
diff --git a/extensions/Push/lib/Admin.pm b/extensions/Push/lib/Admin.pm index d7df25c09..f579409bd 100644 --- a/extensions/Push/lib/Admin.pm +++ b/extensions/Push/lib/Admin.pm @@ -13,7 +13,7 @@ use warnings; use Bugzilla; use Bugzilla::Error; use Bugzilla::Extension::Push::Util; -use Bugzilla::Util qw(trim detaint_natural); +use Bugzilla::Util qw(trim detaint_natural trick_taint); use base qw(Exporter); our @EXPORT = qw( @@ -67,6 +67,7 @@ sub _update_config_from_form { # update foreach my $option ($config->options) { my $option_name = $option->{name}; + trick_taint($values->{$option_name}); $config->{$option_name} = $values->{$option_name}; } $config->update(); diff --git a/extensions/Push/lib/BacklogMessage.pm b/extensions/Push/lib/BacklogMessage.pm index f9496fa24..8f5263038 100644 --- a/extensions/Push/lib/BacklogMessage.pm +++ b/extensions/Push/lib/BacklogMessage.pm @@ -12,6 +12,10 @@ use warnings; use base 'Bugzilla::Object'; +use constant AUDIT_CREATES => 0; +use constant AUDIT_UPDATES => 0; +use constant AUDIT_REMOVES => 0; + use Bugzilla; use Bugzilla::Error; use Bugzilla::Extension::Push::Util; diff --git a/extensions/Push/lib/Backoff.pm b/extensions/Push/lib/Backoff.pm index bc302a2a9..c0ea15a59 100644 --- a/extensions/Push/lib/Backoff.pm +++ b/extensions/Push/lib/Backoff.pm @@ -12,6 +12,10 @@ use warnings; use base 'Bugzilla::Object'; +use constant AUDIT_CREATES => 0; +use constant AUDIT_UPDATES => 0; +use constant AUDIT_REMOVES => 0; + use Bugzilla; use Bugzilla::Util; diff --git a/extensions/Push/lib/LogEntry.pm b/extensions/Push/lib/LogEntry.pm index b883ee095..303c19da4 100644 --- a/extensions/Push/lib/LogEntry.pm +++ b/extensions/Push/lib/LogEntry.pm @@ -12,6 +12,10 @@ use warnings; use base 'Bugzilla::Object'; +use constant AUDIT_CREATES => 0; +use constant AUDIT_UPDATES => 0; +use constant AUDIT_REMOVES => 0; + use Bugzilla; use Bugzilla::Error; use Bugzilla::Extension::Push::Constants; diff --git a/extensions/Push/lib/Message.pm b/extensions/Push/lib/Message.pm index 3d112a2e1..ebe32d0ea 100644 --- a/extensions/Push/lib/Message.pm +++ b/extensions/Push/lib/Message.pm @@ -12,6 +12,10 @@ use warnings; use base 'Bugzilla::Object'; +use constant AUDIT_CREATES => 0; +use constant AUDIT_UPDATES => 0; +use constant AUDIT_REMOVES => 0; + use Bugzilla; use Bugzilla::Error; use Bugzilla::Extension::Push::Util; |