summaryrefslogtreecommitdiffstats
path: root/Bugzilla/WebService/Server/JSONRPC.pm
diff options
context:
space:
mode:
Diffstat (limited to 'Bugzilla/WebService/Server/JSONRPC.pm')
-rw-r--r--Bugzilla/WebService/Server/JSONRPC.pm3
1 files changed, 3 insertions, 0 deletions
diff --git a/Bugzilla/WebService/Server/JSONRPC.pm b/Bugzilla/WebService/Server/JSONRPC.pm
index b453c6196..e54387a6d 100644
--- a/Bugzilla/WebService/Server/JSONRPC.pm
+++ b/Bugzilla/WebService/Server/JSONRPC.pm
@@ -26,6 +26,7 @@ use base qw(JSON::RPC::Server::CGI Bugzilla::WebService::Server);
use Bugzilla::Error;
use Bugzilla::WebService::Constants;
+use Bugzilla::WebService::Util qw(taint_data);
use Date::Parse;
use DateTime;
@@ -123,6 +124,8 @@ sub _argument_type_check {
$params = $params->[0];
}
+ taint_data($params);
+
# Now, convert dateTime fields on input.
$self->_bz_method_name =~ /^(\S+)\.(\S+)$/;
my ($class, $method) = ($1, $2);
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-04-30 12:38:54 +0200