summaryrefslogtreecommitdiffstats
path: root/xmlrpc.cgi
diff options
context:
space:
mode:
authordkl%redhat.com <>2008-07-10 11:56:11 +0200
committerdkl%redhat.com <>2008-07-10 11:56:11 +0200
commita7e7ed0f3a1d29800187a216b0363e0276d2f4ec (patch)
tree3a432943e95f96181b967935b22b89c8837839dd /xmlrpc.cgi
parent19cb881523a402a9c5feea49d84f991e7d2dc76c (diff)
downloadbugzilla-a7e7ed0f3a1d29800187a216b0363e0276d2f4ec.tar.gz
bugzilla-a7e7ed0f3a1d29800187a216b0363e0276d2f4ec.tar.xz
Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
Diffstat (limited to 'xmlrpc.cgi')
-rwxr-xr-xxmlrpc.cgi6
1 files changed, 5 insertions, 1 deletions
diff --git a/xmlrpc.cgi b/xmlrpc.cgi
index 324382ea2..5ca40bef0 100755
--- a/xmlrpc.cgi
+++ b/xmlrpc.cgi
@@ -53,5 +53,9 @@ my $dispatch = {
my $response = Bugzilla::WebService::XMLRPC::Transport::HTTP::CGI
->dispatch_with($dispatch)
- ->on_action(sub { Bugzilla::WebService::handle_login($dispatch, @_) } )
+ ->on_action(sub {
+ my ($action, $uri, $method) = @_;
+ Bugzilla::WebService::handle_login($dispatch, @_);
+ Bugzilla::WebService::handle_redirect(@_);
+ } )
->handle;