author | Frédéric Buclin <LpSolit@gmail.com> | 2011-01-24 18:04:59 +0100 |
committer | Frédéric Buclin <LpSolit@gmail.com> | 2011-01-24 18:04:59 +0100 |
commit | f6c4abda55c83a53d32d5958cc9c81a602423c89 (patch) | |
tree | 9778fcd7fea9c2fc0bf3b13f68113efa22c7ce3c /sanitycheck.cgi | |
parent | 4ab5bc9f4c4ba4a7b20ebf00466f9b2de67f311d (diff) | |
download | bugzilla-f6c4abda55c83a53d32d5958cc9c81a602423c89.tar.gz bugzilla-f6c4abda55c83a53d32d5958cc9c81a602423c89.tar.xz |
Bug 621107: [SECURITY] Sanity checking lacks CSRF protection
r=dkl a=LpSolit
Diffstat (limited to 'sanitycheck.cgi')
-rwxr-xr-x | sanitycheck.cgi | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/sanitycheck.cgi b/sanitycheck.cgi
index a4f9832b0..6bf113b24 100755
--- a/sanitycheck.cgi
+++ b/sanitycheck.cgi
@@ -35,6 +35,7 @@ use Bugzilla::Error;
 use Bugzilla::Hook;
 use Bugzilla::Util;
 use Bugzilla::Status;
+use Bugzilla::Token;
 
 ###########################################################################
 # General subs
@@ -79,6 +80,15 @@ if (Bugzilla->usage_mode == USAGE_MODE_CMDLINE) {
 }
 else {
 $template = Bugzilla->template;
+
+# Only check the token if we are running this script from the
+# web browser and a parameter is passed to the script.
+# XXX - Maybe these two parameters should be deleted once logged in?
+$cgi->delete('GoAheadAndLogIn', 'Bugzilla_restrictlogin');
+if (scalar($cgi->param())) {
+my $token = $cgi->param('token');
+check_hash_token($token, ['sanitycheck']);
+}
 }
 
 my $vars = {};
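Review bot: The return value of `check_hash_token($token, ['sanitycheck']);` in the second hunk is discarded, so the protection rests entirely on the helper throwing for a missing or invalid token, and the new comment does not say so; a reader of the parameter-handling code further down cannot tell from this block that reaching it with parameters implies a validated token. If check_hash_token does throw (which the discarded return suggests the author assumes), a comment such as `# check_hash_token() throws a user error on a missing or invalid token, so any request with parameters that reaches the code below has passed the CSRF check.` would record the invariant the rest of the script relies on. Note also that `$token` is undef when no `token` parameter was sent, so the helper must treat undef as a failure rather than a skip — worth a sentence in the same comment once confirmed. The `if (Bugzilla->usage_mode == USAGE_MODE_CMDLINE)` whose `else` branch holds this code begins outside the hunk; the first hunk only adds the `use Bugzilla::Token;` import.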