Fix for bug 108982: enable taint mode for all user-facing CGI files.

Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
author: justdave%syndicomm.com <> 2002-01-20 10:44:34 +0100
committer: justdave%syndicomm.com <> 2002-01-20 10:44:34 +0100
commit: 4e6767d4c3d1b0b583f4ec076992345545294748 (patch)
tree: 44d10a299f4d910400fb420b38e21e769c00be7e /xml.cgi
parent: 72f340e3a12668c9356102c71f864afa986e001a (diff)
download: bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.gz
bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.xz
1 files changed, 5 insertions, 2 deletions
diff --git a/xml.cgi b/xml.cgi
index 51093890e..8b71b3837 100755
--- a/xml.cgi
+++ b/xml.cgi
@@ -1,4 +1,4 @@
-#!/usr/bonsaitools/bin/perl -w
+#!/usr/bonsaitools/bin/perl -wT
 # -*- Mode: perl; indent-tabs-mode: nil -*-
 #
 # The contents of this file are subject to the Mozilla Public
@@ -23,10 +23,13 @@
 
 use diagnostics;
 use strict;
+
+use lib qw(.);
+
 use Bug;
 require "CGI.pl";
 
-if (!defined $::FORM{'id'} || $::FORM{'id'} !~ /^\s*\d+(,\d+)*\s*$/) {
+if (!defined $::FORM{'id'} || !$::FORM{'id'}) {
   print "Content-type: text/html\n\n";
   PutHeader("Display as XML");
   print "<FORM METHOD=GET ACTION=\"xml.cgi\">\n";
author	justdave%syndicomm.com <>	2002-01-20 10:44:34 +0100
committer	justdave%syndicomm.com <>	2002-01-20 10:44:34 +0100
commit	4e6767d4c3d1b0b583f4ec076992345545294748 (patch)
tree	44d10a299f4d910400fb420b38e21e769c00be7e /xml.cgi
parent	72f340e3a12668c9356102c71f864afa986e001a (diff)
download	bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.gz bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.xz