summaryrefslogtreecommitdiffstats
path: root/template/en/default
diff options
context:
space:
mode:
authorDavid Lawrence <dlawrence@mozilla.com>2011-01-07 05:02:28 +0100
committerDavid Lawrence <dlawrence@mozilla.com>2011-01-07 05:02:28 +0100
commitaa94254a92a7d1c4f09275b5937c3eae7300dad6 (patch)
tree64bbd301a0251b2f89d0d16ca80958f3357ba512 /template/en/default
parent8cea190794a75022d3d95932b5895a21afb0b298 (diff)
downloadbugzilla-aa94254a92a7d1c4f09275b5937c3eae7300dad6.tar.gz
bugzilla-aa94254a92a7d1c4f09275b5937c3eae7300dad6.tar.xz
Bug 621090 - [SECURITY] Adding saved searches lacks CSRF protection
r/a=mkanat
Diffstat (limited to 'template/en/default')
-rw-r--r--template/en/default/global/per-bug-queries.html.tmpl1
-rw-r--r--template/en/default/list/list.html.tmpl1
2 files changed, 2 insertions, 0 deletions
diff --git a/template/en/default/global/per-bug-queries.html.tmpl b/template/en/default/global/per-bug-queries.html.tmpl
index 3c62e35f5..a7c073ba1 100644
--- a/template/en/default/global/per-bug-queries.html.tmpl
+++ b/template/en/default/global/per-bug-queries.html.tmpl
@@ -63,6 +63,7 @@
<input type="hidden" name="cmdtype" value="doit">
<input type="hidden" name="remtype" value="asnamed">
<input type="hidden" name="list_of_bugs" value="1">
+ <input type="hidden" name="token" value="[% issue_hash_token(['savedsearch']) FILTER html %]">
<select id="lob_action" name="action" onchange="update_text();">
<option value="add">Add</option>
[% IF lists_of_bugs.size %]
diff --git a/template/en/default/list/list.html.tmpl b/template/en/default/list/list.html.tmpl
index 4ebc7194c..924ce23dc 100644
--- a/template/en/default/list/list.html.tmpl
+++ b/template/en/default/list/list.html.tmpl
@@ -253,6 +253,7 @@
value="[% urlquerypart FILTER html %][% "&order=$qorder" FILTER html IF order %]">
<input type="hidden" name="cmdtype" value="doit">
<input type="hidden" name="remtype" value="asnamed">
+ <input type="hidden" name="token" value="[% issue_hash_token(['savedsearch']) FILTER html %]">
<input type="text" id="save_newqueryname" name="newqueryname" size="20"
value="[% defaultsavename FILTER html %]">
</form>