1 files changed, 9 insertions, 1 deletions

diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 4deb5aa52..d24722fcc 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -375,7 +375,7 @@ sub header {
     # To initiate github login, a form POSTs to github.cgi with the
     # github_secret as a parameter. It must match the github_secret cookie.
     # this prevents some types of redirection attacks.
-    unless ($user->id) {
+    unless ($user->id || $self->{bz_redirecting}) {
         $self->send_cookie(-name     => 'github_secret',
                            -value    => Bugzilla->github_secret,
                            -httponly => 1);
@@ -524,6 +524,14 @@ sub remove_cookie {
                        '-value'   => 'X');
 }
 
+# To avoid infinite redirection recursion, track when we're within a redirect
+# request.
+sub redirect {
+    my $self = shift;
+    $self->{bz_redirecting} = 1;
+    return $self->SUPER::redirect(@_);
+}
+
 # This helps implement Bugzilla::Search::Recent, and also shortens search
 # URLs that get POSTed to buglist.cgi.
 sub redirect_search_url {