diff options
| author | dkl%redhat.com <> | 2008-07-10 11:56:11 +0200 |
|---|---|---|
| committer | dkl%redhat.com <> | 2008-07-10 11:56:11 +0200 |
| commit | a7e7ed0f3a1d29800187a216b0363e0276d2f4ec (patch) | |
| tree | 3a432943e95f96181b967935b22b89c8837839dd /xmlrpc.cgi | |
| parent | 19cb881523a402a9c5feea49d84f991e7d2dc76c (diff) | |
| download | bugzilla-a7e7ed0f3a1d29800187a216b0363e0276d2f4ec.tar.gz bugzilla-a7e7ed0f3a1d29800187a216b0363e0276d2f4ec.tar.xz | |
Bug 428659 â Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
Diffstat (limited to 'xmlrpc.cgi')
| -rwxr-xr-x | xmlrpc.cgi | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/xmlrpc.cgi b/xmlrpc.cgi index 324382ea2..5ca40bef0 100755 --- a/xmlrpc.cgi +++ b/xmlrpc.cgi @@ -53,5 +53,9 @@ my $dispatch = { my $response = Bugzilla::WebService::XMLRPC::Transport::HTTP::CGI ->dispatch_with($dispatch) - ->on_action(sub { Bugzilla::WebService::handle_login($dispatch, @_) } ) + ->on_action(sub { + my ($action, $uri, $method) = @_; + Bugzilla::WebService::handle_login($dispatch, @_); + Bugzilla::WebService::handle_redirect(@_); + } ) ->handle; |