Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Auth/Login/CGI.pm2
-rw-r--r--Bugzilla/BugUrl/Bugzilla/Local.pm2
-rw-r--r--Bugzilla/CGI.pm31
-rw-r--r--Bugzilla/Config/Advanced.pm6
-rw-r--r--Bugzilla/Config/Attachment.pm8
-rw-r--r--Bugzilla/Config/Common.pm28
-rw-r--r--Bugzilla/Config/Core.pm46
-rw-r--r--Bugzilla/Install/Filesystem.pm12
-rw-r--r--Bugzilla/Install/Localconfig.pm19
-rw-r--r--Bugzilla/Mailer.pm9
-rw-r--r--Bugzilla/Search/Quicksearch.pm6
-rw-r--r--Bugzilla/Template.pm6
-rw-r--r--Bugzilla/Util.pm40
-rw-r--r--Bugzilla/WebService/Server/JSONRPC.pm2
-rw-r--r--Bugzilla/WebService/Server/REST.pm4
15 files changed, 52 insertions, 169 deletions
diff --git a/Bugzilla/Auth/Login/CGI.pm b/Bugzilla/Auth/Login/CGI.pm
index 22a765f61..a813529d5 100644
--- a/Bugzilla/Auth/Login/CGI.pm
+++ b/Bugzilla/Auth/Login/CGI.pm
@@ -49,7 +49,7 @@ sub get_login_info {
# Attachments are served from a separate host (ideally), and so
# an evil attachment cannot abuse this check with a redirect.
elsif (my $referer = $cgi->referer) {
- my $urlbase = correct_urlbase();
+ my $urlbase = Bugzilla->localconfig->{urlbase};
$valid = 1 if $referer =~ /^\Q$urlbase\E/;
}
# If the web browser doesn't accept cookies and the Referer header
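Review bot: The Referer check on the line after the new assignment is a bare prefix match, so it is only as strict as `urlbase` is well-formed: an empty value makes `/^\Q\E/` match every Referer, and a value without a trailing slash also matches hosts that merely begin with the same string. The removed `Bugzilla/Config/Core.pm` parameter ran `check_urlbase` on this value (its body is not shown here), while the new entries in `Bugzilla/Install/Localconfig.pm` carry no checker, so nothing visible in this commit enforces that shape any more. A local guard would be `$valid = 1 if $urlbase =~ m{/\z} && $referer =~ /^\Q$urlbase\E/;`. get_login_info starts and ends outside this hunk.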
diff --git a/Bugzilla/BugUrl/Bugzilla/Local.pm b/Bugzilla/BugUrl/Bugzilla/Local.pm
index a5cb5d49b..14d03f048 100644
--- a/Bugzilla/BugUrl/Bugzilla/Local.pm
+++ b/Bugzilla/BugUrl/Bugzilla/Local.pm
@@ -96,7 +96,7 @@ sub _check_value {
sub local_uri {
my ($self, $bug_id) = @_;
$bug_id ||= '';
- return correct_urlbase() . "show_bug.cgi?id=$bug_id";
+ return Bugzilla->localconfig->{urlbase} . "show_bug.cgi?id=$bug_id";
}
1;
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index ea8d96da8..0f9b0cf88 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -57,12 +57,12 @@ sub DEFAULT_CSP {
# Because show_bug code lives in many different .cgi files,
# we needed a centralized place to define the policy.
# normally the policy would just live in one .cgi file.
-# Additionally, correct_urlbase() cannot be called at compile time, so this can't be a constant.
+# Additionally, Bugzilla->localconfig->{urlbase} cannot be called at compile time, so this can't be a constant.
sub SHOW_BUG_MODAL_CSP {
my ($bug_id) = @_;
my %policy = (
script_src => ['self', 'nonce', 'unsafe-inline', 'unsafe-eval', 'https://www.google-analytics.com' ],
- object_src => [correct_urlbase() . "extensions/BugModal/web/ZeroClipboard/ZeroClipboard.swf"],
+ object_src => [Bugzilla->localconfig->{urlbase} . "extensions/BugModal/web/ZeroClipboard/ZeroClipboard.swf"],
img_src => [ 'self', 'https://secure.gravatar.com', 'https://www.google-analytics.com' ],
connect_src => [
'self',
@@ -76,7 +76,7 @@ sub SHOW_BUG_MODAL_CSP {
],
);
if (use_attachbase() && $bug_id) {
- my $attach_base = Bugzilla->params->{'attachment_base'};
+ my $attach_base = Bugzilla->localconfig->{'attachment_base'};
$attach_base =~ s/\%bugid\%/$bug_id/g;
push @{ $policy{img_src} }, $attach_base;
}
@@ -141,7 +141,7 @@ sub new {
# Send appropriate charset
$self->charset(Bugzilla->params->{'utf8'} ? 'UTF-8' : '');
- # Redirect to urlbase/sslbase if we are not viewing an attachment.
+ # Redirect to urlbase if we are not viewing an attachment.
if ($self->url_is_attachment_base and $script ne 'attachment.cgi') {
$self->redirect_to_urlbase();
}
@@ -177,7 +177,7 @@ sub new {
sub target_uri {
my ($self) = @_;
- my $base = correct_urlbase();
+ my $base = Bugzilla->localconfig->{urlbase};
if (my $request_uri = $self->request_uri) {
my $base_uri = URI->new($base);
$base_uri->path('');
@@ -594,11 +594,12 @@ sub send_cookie {
}
# Add the default path and the domain in.
- $paramhash{'-path'} = Bugzilla->params->{'cookiepath'};
- $paramhash{'-domain'} = Bugzilla->params->{'cookiedomain'}
- if Bugzilla->params->{'cookiedomain'};
+ state $uri = URI->new( Bugzilla->localconfig->{urlbase} );
+ $paramhash{'-path'} = $uri->path;
+ # we don't set the domain.
$paramhash{'-secure'} = 1
- if Bugzilla->params->{'ssl_redirect'};
+ if lc( $uri->scheme ) eq 'https';
+
# Move the param list back into an array for the call to cookie().
foreach (keys(%paramhash)) {
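Review bot: `$uri->scheme` is undefined when `urlbase` is empty or not an absolute URL, so `lc( $uri->scheme )` warns and the cookie goes out without the Secure flag and with an empty `-path`. The Secure decision now rests entirely on the configured scheme, so the fallback should be explicit: `if lc( $uri->scheme // '' ) eq 'https';` and `$paramhash{'-path'} = $uri->path || '/';`. The same undefined-scheme comparison appears in `do_ssl_redirect_if_required` in `Bugzilla/Util.pm`. Because `$uri` is a `state` variable it is built once per process, which deserves a comment saying that a `urlbase` change only takes effect after a restart in a persistent server. send_cookie starts and ends outside this hunk.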
@@ -683,14 +684,15 @@ sub redirect_search_url {
sub redirect_to_https {
my $self = shift;
- my $sslbase = Bugzilla->params->{'sslbase'};
+ my $urlbase = Bugzilla->localconfig->{'urlbase'};
+
# If this is a POST, we don't want ?POSTDATA in the query string.
# We expect the client to re-POST, which may be a violation of
# the HTTP spec, but the only time we're expecting it often is
# in the WebService, and WebService clients usually handle this
# correctly.
$self->delete('POSTDATA');
- my $url = $sslbase . $self->url('-path_info' => 1, '-query' => 1,
+ my $url = $urlbase . $self->url('-path_info' => 1, '-query' => 1,
'-relative' => 1);
# XML-RPC clients (SOAP::Lite at least) require a 301 to redirect properly
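Review bot: redirect_to_https no longer guarantees an https target: the new `$urlbase` is whatever localconfig holds, and only the caller `do_ssl_redirect_if_required` in `Bugzilla/Util.pm` checks the scheme. The later POD hunk in this file also deletes the routine's description without replacing it, leaving the `=item` with only the pointer to the wrapper. Suggested POD text: `Redirects the client to the current page under the localconfig C<urlbase>; it does not itself check that C<urlbase> is an https URL.` The routine's body continues outside this hunk.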
@@ -707,14 +709,14 @@ sub redirect_to_https {
sub redirect_to_urlbase {
my $self = shift;
my $path = $self->url('-path_info' => 1, '-query' => 1, '-relative' => 1);
- print $self->redirect('-location' => correct_urlbase() . $path);
+ print $self->redirect('-location' => Bugzilla->localconfig->{urlbase} . $path);
exit;
}
sub url_is_attachment_base {
my ($self, $id) = @_;
return 0 if !use_attachbase() or !i_am_cgi();
- my $attach_base = Bugzilla->params->{'attachment_base'};
+ my $attach_base = Bugzilla->localconfig->{'attachment_base'};
# If we're passed an id, we only want one specific attachment base
# for a particular bug. If we're not passed an ID, we just want to
# know if our current URL matches the attachment_base *pattern*.
@@ -860,9 +862,6 @@ As its only argument, it takes the name of the cookie to expire.
=item C<redirect_to_https>
-This routine redirects the client to the https version of the page that
-they're looking at, using the C<sslbase> parameter for the redirection.
-
Generally you should use L<Bugzilla::Util/do_ssl_redirect_if_required>
instead of calling this directly.
diff --git a/Bugzilla/Config/Advanced.pm b/Bugzilla/Config/Advanced.pm
index d7fdd34aa..dc5be490f 100644
--- a/Bugzilla/Config/Advanced.pm
+++ b/Bugzilla/Config/Advanced.pm
@@ -17,12 +17,6 @@ our $sortkey = 1700;
use constant get_param_list => (
{
- name => 'cookiedomain',
- type => 't',
- default => ''
- },
-
- {
name => 'inbound_proxies',
type => 't',
default => '',
diff --git a/Bugzilla/Config/Attachment.pm b/Bugzilla/Config/Attachment.pm
index bc2f45029..c3dbd03ed 100644
--- a/Bugzilla/Config/Attachment.pm
+++ b/Bugzilla/Config/Attachment.pm
@@ -24,12 +24,6 @@ sub get_param_list {
default => 0
},
{
- name => 'attachment_base',
- type => 't',
- default => '',
- checker => \&check_urlbase
- },
- {
name => 'allow_attachment_deletion',
type => 'b',
default => 0
@@ -68,7 +62,7 @@ sub get_param_list {
sub check_params {
my ( $class, $params ) = @_;
- return unless $params->{attachment_storage} eq 's3';
+ return '' unless $params->{attachment_storage} eq 's3';
if ( $params->{s3_bucket} eq ''
|| $params->{aws_access_key_id} eq ''
diff --git a/Bugzilla/Config/Common.pm b/Bugzilla/Config/Common.pm
index 8b1a9da91..fabf7c880 100644
--- a/Bugzilla/Config/Common.pm
+++ b/Bugzilla/Config/Common.pm
@@ -23,7 +23,7 @@ use Bugzilla::Status;
use base qw(Exporter);
@Bugzilla::Config::Common::EXPORT = qw(
check_multi check_numeric check_regexp check_url check_group
- check_sslbase check_priority check_severity check_platform
+ check_priority check_severity check_platform
check_opsys check_shadowdb check_urlbase check_webdotbase
check_user_verify_class
check_mail_delivery_method check_notification check_utf8
@@ -81,32 +81,6 @@ sub check_email {
return "";
}
-sub check_sslbase {
- my $url = shift;
- if ( $url ne '' ) {
- if ( $url !~ m#^https://([^/]+).*/$# ) {
- return "must be a legal URL, that starts with https and ends with a slash.";
- }
- my $host = $1;
-
- # Fall back to port 443 if for some reason getservbyname() fails.
- my $port = getservbyname( 'https', 'tcp' ) || 443;
- if ( $host =~ /^(.+):(\d+)$/ ) {
- $host = $1;
- $port = $2;
- }
- local *SOCK;
- my $proto = getprotobyname('tcp');
- socket( SOCK, PF_INET, SOCK_STREAM, $proto );
- my $iaddr = inet_aton($host) || return "The host $host cannot be resolved";
- my $sin = sockaddr_in( $port, $iaddr );
- if ( !connect( SOCK, $sin ) ) {
- return "Failed to connect to $host:$port; unable to enable SSL";
- }
- close(SOCK);
- }
- return "";
-}
sub check_utf8 {
my $utf8 = shift;
diff --git a/Bugzilla/Config/Core.pm b/Bugzilla/Config/Core.pm
deleted file mode 100644
index b3848a16e..000000000
--- a/Bugzilla/Config/Core.pm
+++ /dev/null
@@ -1,46 +0,0 @@
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-#
-# This Source Code Form is "Incompatible With Secondary Licenses", as
-# defined by the Mozilla Public License, v. 2.0.
-
-package Bugzilla::Config::Core;
-
-use 5.10.1;
-use strict;
-use warnings;
-
-use Bugzilla::Config::Common;
-
-our $sortkey = 100;
-
-use constant get_param_list => (
- {
- name => 'urlbase',
- type => 't',
- default => '',
- checker => \&check_urlbase
- },
-
- {
- name => 'ssl_redirect',
- type => 'b',
- default => 0
- },
-
- {
- name => 'sslbase',
- type => 't',
- default => '',
- checker => \&check_sslbase
- },
-
- {
- name => 'cookiepath',
- type => 't',
- default => '/'
- },
-);
-
-1;
diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm
index bb87e499e..01b8d7e8e 100644
--- a/Bugzilla/Install/Filesystem.pm
+++ b/Bugzilla/Install/Filesystem.pm
@@ -416,9 +416,6 @@ sub FILESYSTEM {
"skins/yui3.css" => { perms => CGI_READ,
overwrite => 1,
contents => $yui3_all_css },
- "robots.txt" => { perms => CGI_READ,
- overwrite => 1,
- contents => \&robots_txt},
"httpd/env.conf" => { perms => CGI_READ,
overwrite => 1,
contents => \&HTTPD_ENV_CONF },
@@ -969,15 +966,6 @@ sub _check_web_server_group {
return $group_id;
}
-sub robots_txt {
- my $output = '';
- my %vars;
- Bugzilla::Hook::process("before_robots_txt", { vars => \%vars });
- Bugzilla->template->process("robots.txt.tmpl", \%vars, \$output)
- or die Bugzilla->template->error;
- return $output;
-}
-
1;
diff --git a/Bugzilla/Install/Localconfig.pm b/Bugzilla/Install/Localconfig.pm
index c1c8fb12e..f877829c5 100644
--- a/Bugzilla/Install/Localconfig.pm
+++ b/Bugzilla/Install/Localconfig.pm
@@ -31,6 +31,7 @@ use Tie::Hash::NamedCapture;
use Safe;
use Term::ANSIColor;
use Taint::Util qw(untaint);
+use Sys::Hostname qw(hostname);
use parent qw(Exporter);
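Review bot: `use Sys::Hostname qw(hostname);` is added, but none of the lines this commit adds to the file call `hostname`, so the import looks unused. Either drop the line or add the code that was meant to use it (a hostname-derived default for `urlbase`, perhaps; that is a guess from the surrounding change).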
@@ -122,10 +123,11 @@ use constant LOCALCONFIG_VARS => (
},
{
name => 'diffpath',
- default => sub { dirname(bin_loc('diff')) },
+ default => sub { dirname( bin_loc('diff') ) },
},
{
- name => 'site_wide_secret',
+ name => 'site_wide_secret',
+
# 64 characters is roughly the equivalent of a 384-bit key, which
# is larger than anybody would ever be able to brute-force.
default => sub { generate_random_password(64) },
@@ -148,14 +150,23 @@ use constant LOCALCONFIG_VARS => (
},
{
name => 'memcached_servers',
- default => _migrate_param("memcached_servers", ""),
+ default => _migrate_param( "memcached_servers", "" ),
},
{
name => 'memcached_namespace',
- default => _migrate_param("memcached_namespace", "bugzilla:"),
+ default => _migrate_param( "memcached_namespace", "bugzilla:" ),
+ },
+ {
+ name => 'urlbase',
+ default => _migrate_param( "urlbase", "" ),
},
+ {
+ name => 'attachment_base',
+ default => _migrate_param( "attachment_base", '' ),
+ }
);
+
use constant ENV_KEYS => (
(map { ENV_PREFIX . $_->{name} } LOCALCONFIG_VARS),
(map { ENV_PREFIX . $_ } PARAM_OVERRIDE),
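Review bot: The new `urlbase` and `attachment_base` entries feed `ENV_KEYS` through the `map` over `LOCALCONFIG_VARS` just below, so both values presumably become overridable from the process environment. Confirm that this is intended, since they now decide redirect targets, the cookie path and the Secure flag elsewhere in this commit. Neither entry documents the expected format; a comment such as `# absolute URL ending in "/"; attachment_base may contain %bugid%` above each would record what the consumers assume.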
diff --git a/Bugzilla/Mailer.pm b/Bugzilla/Mailer.pm
index 768f68607..6e46d1862 100644
--- a/Bugzilla/Mailer.pm
+++ b/Bugzilla/Mailer.pm
@@ -104,10 +104,7 @@ sub MessageToMTA {
# We add this header to uniquely identify all email that we
# send as coming from this Bugzilla installation.
#
- # We don't use correct_urlbase, because we want this URL to
- # *always* be the same for this Bugzilla, in every email,
- # even if the admin changes the "ssl_redirect" parameter some day.
- $email->header_set('X-Bugzilla-URL', Bugzilla->params->{'urlbase'});
+ $email->header_set('X-Bugzilla-URL', Bugzilla->localconfig->{urlbase});
# We add this header to mark the mail as "auto-generated" and
# thus to hopefully avoid auto replies.
@@ -156,7 +153,7 @@ sub MessageToMTA {
else {
# Sendmail will automatically append our hostname to the From
# address, but other mailers won't.
- my $urlbase = Bugzilla->params->{'urlbase'};
+ my $urlbase = Bugzilla->localconfig->{urlbase};
$urlbase =~ m|//([^:/]+)[:/]?|;
$hostname = $1;
$from .= "\@$hostname" if $from !~ /@/;
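Review bot: The match `$urlbase =~ m|//([^:/]+)[:/]?|` is not checked before `$1` is read, so when `urlbase` is empty or lacks `//` the From address gets a stale or undefined capture appended. The value now comes from localconfig, where the fallback passed to `_migrate_param` is the empty string, so take the host only on success: `($hostname) = $urlbase =~ m|//([^:/]+)|;` followed by `$from .= "\@$hostname" if defined $hostname && $from !~ /@/;`. MessageToMTA starts and ends outside this hunk.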
@@ -248,7 +245,7 @@ sub build_thread_marker {
$user_id = Bugzilla->user->id;
}
- my $sitespec = '@' . Bugzilla->params->{'urlbase'};
+ my $sitespec = '@' . Bugzilla->localconfig->{urlbase};
$sitespec =~ s/:\/\//\./; # Make the protocol look like part of the domain
$sitespec =~ s/^([^:\/]+):(\d+)/$1/; # Remove a port number, to relocate
if ($2) {
diff --git a/Bugzilla/Search/Quicksearch.pm b/Bugzilla/Search/Quicksearch.pm
index b28829c3a..6897d2219 100644
--- a/Bugzilla/Search/Quicksearch.pm
+++ b/Bugzilla/Search/Quicksearch.pm
@@ -266,7 +266,7 @@ sub quicksearch {
my $modified_query_string = $cgi->canonicalise_query(@params_to_strip);
if ($cgi->param('load')) {
- my $urlbase = correct_urlbase();
+ my $urlbase = Bugzilla->localconfig->{urlbase};
# Param 'load' asks us to display the query in the advanced search form.
print $cgi->redirect(-uri => "${urlbase}query.cgi?format=advanced&amp;"
. $modified_query_string);
@@ -315,7 +315,7 @@ sub _bug_numbers_only {
if ($searchstring !~ /,/ && !i_am_webservice()) {
# Single bug number; shortcut to show_bug.cgi.
print $cgi->redirect(
- -uri => correct_urlbase() . "show_bug.cgi?id=$searchstring");
+ -uri => Bugzilla->localconfig->{urlbase} . "show_bug.cgi?id=$searchstring");
exit;
}
else {
@@ -338,7 +338,7 @@ sub _handle_alias {
if ($bug_id && Bugzilla->user->can_see_bug($bug_id) && !i_am_webservice()) {
$alias = url_quote($alias);
print Bugzilla->cgi->redirect(
- -uri => correct_urlbase() . "show_bug.cgi?id=$alias");
+ -uri => Bugzilla->localconfig->{urlbase} . "show_bug.cgi?id=$alias");
exit;
}
}
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 49b7e9435..206f2f3cb 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -191,9 +191,7 @@ sub quoteUrls {
}
# Provide tooltips for full bug links (Bug 74355)
- my $urlbase_re = '(' . join('|',
- map { qr/$_/ } grep($_, Bugzilla->params->{'urlbase'},
- Bugzilla->params->{'sslbase'})) . ')';
+ my $urlbase_re = quotemeta(Bugzilla->localconfig->{urlbase});
$text =~ s~\b(${urlbase_re}\Qshow_bug.cgi?id=\E([0-9]+)(\#c([0-9]+))?)\b
~($things[$count++] = $bug_link_func->($3, $1, { comment_num => $5, user => $user })) &&
("\x{FDD2}" . ($count-1) . "\x{FDD3}")
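Review bot: Dropping the parentheses around `$urlbase_re` removes one capture group, but the replacement on the following lines still reads `$3` and `$5`. With the new pattern the bug id is `$2`, the `#cN` fragment is `$3` and the comment number is `$4`, so `$bug_link_func` would receive the fragment as the bug id and an undefined `comment_num`. Keep the numbering stable by restoring the group: `my $urlbase_re = '(' . quotemeta(Bugzilla->localconfig->{urlbase}) . ')';`. The substitution's closing delimiter and flags are outside this hunk, so confirm against the full statement.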
@@ -1036,7 +1034,7 @@ sub create {
'sudoer' => sub { return Bugzilla->sudoer; },
# Allow templates to access the "corect" URLBase value
- 'urlbase' => sub { return Bugzilla::Util::correct_urlbase(); },
+ 'urlbase' => sub { return Bugzilla->localconfig->{urlbase}; },
# Allow templates to access docs url with users' preferred language
'docs_urlbase' => sub {
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index df2f78823..c23e738e6 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -259,34 +259,14 @@ sub i_am_webservice {
# (doing so can mess up XML-RPC).
sub do_ssl_redirect_if_required {
return if !i_am_cgi();
- return if !Bugzilla->params->{'ssl_redirect'};
-
- my $sslbase = Bugzilla->params->{'sslbase'};
+ my $uri = URI->new(Bugzilla->localconfig->{'urlbase'});
+ return if $uri->scheme ne 'https';
# If we're already running under SSL, never redirect.
- return if uc($ENV{HTTPS} || '') eq 'ON';
- # Never redirect if there isn't an sslbase.
- return if !$sslbase;
+ return if $ENV{HTTPS} && $ENV{HTTPS} eq 'on';
Bugzilla->cgi->redirect_to_https();
}
-sub correct_urlbase {
- my $ssl = Bugzilla->params->{'ssl_redirect'};
- my $urlbase = Bugzilla->params->{'urlbase'};
- my $sslbase = Bugzilla->params->{'sslbase'};
-
- if (!$sslbase) {
- return $urlbase;
- }
- elsif ($ssl) {
- return $sslbase;
- }
- else {
- # Return what the user currently uses.
- return (uc($ENV{HTTPS} || '') eq 'ON') ? $sslbase : $urlbase;
- }
-}
-
# Returns the real remote address of the client,
sub remote_ip {
my $remote_ip = $ENV{'REMOTE_ADDR'} || '127.0.0.1';
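Review bot: The already-on-TLS test changed from a case-insensitive comparison to `$ENV{HTTPS} eq 'on'`, so a server that exports `HTTPS=ON`, or a TLS-terminating proxy that leaves the variable unset, now gets redirected to the https `urlbase` on every request. `return if lc( $ENV{HTTPS} // '' ) eq 'on';` keeps the old tolerance; the proxy case needs a documented deployment requirement or an additional check. `$uri->scheme` is also undefined for an empty `urlbase`, so `return if ( $uri->scheme // '' ) ne 'https';` avoids the warning. The redirect is no longer opt-in now that `ssl_redirect` is gone, which is worth a comment above the sub.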
@@ -383,10 +363,9 @@ sub is_ipv6 {
}
sub use_attachbase {
- my $attachbase = Bugzilla->params->{'attachment_base'};
- return ($attachbase ne ''
- && $attachbase ne Bugzilla->params->{'urlbase'}
- && $attachbase ne Bugzilla->params->{'sslbase'}) ? 1 : 0;
+ my $attachbase = Bugzilla->localconfig->{'attachment_base'};
+ my $urlbase = Bugzilla->localconfig->{'urlbase'};
+ return ($attachbase ne '' && $attachbase ne $urlbase);
}
sub diff_arrays {
@@ -932,7 +911,7 @@ Bugzilla::Util - Generic utility functions for bugzilla
# Functions that tell you about your environment
my $is_cgi = i_am_cgi();
my $is_webservice = i_am_webservice();
- my $urlbase = correct_urlbase();
+ my $urlbase = Bugzilla->localconfig->{urlbase};
# Data manipulation
($removed, $added) = diff_arrays(\@old, \@new);
@@ -1066,11 +1045,6 @@ in a command-line script.
Tells you whether or not the current usage mode is WebServices related
such as JSONRPC or XMLRPC.
-=item C<correct_urlbase()>
-
-Returns either the C<sslbase> or C<urlbase> parameter, depending on the
-current setting for the C<ssl_redirect> parameter.
-
=item C<remote_ip()>
Returns the IP address of the remote client. If Bugzilla is behind
diff --git a/Bugzilla/WebService/Server/JSONRPC.pm b/Bugzilla/WebService/Server/JSONRPC.pm
index 0bd7b4648..093167048 100644
--- a/Bugzilla/WebService/Server/JSONRPC.pm
+++ b/Bugzilla/WebService/Server/JSONRPC.pm
@@ -149,7 +149,7 @@ sub retrieve_json_from_get {
# order to throw proper errors. We use the installation's urlbase as
# the id, in this case.
else {
- $id = correct_urlbase();
+ $id = Bugzilla->localconfig->{urlbase};
}
# Setting _bz_request_id here is required in case we throw errors early,
# before _handle.
diff --git a/Bugzilla/WebService/Server/REST.pm b/Bugzilla/WebService/Server/REST.pm
index 6e1944061..6fb86fdd4 100644
--- a/Bugzilla/WebService/Server/REST.pm
+++ b/Bugzilla/WebService/Server/REST.pm
@@ -17,7 +17,7 @@ use Bugzilla;
use Bugzilla::Constants;
use Bugzilla::Error;
use Bugzilla::Hook;
-use Bugzilla::Util qw(correct_urlbase html_quote disable_utf8 enable_utf8);
+use Bugzilla::Util qw(html_quote disable_utf8 enable_utf8);
use Bugzilla::WebService::Constants;
use Bugzilla::WebService::Util qw(taint_data fix_credentials);
@@ -94,7 +94,7 @@ sub handle {
# also set up the correct handler method
my $obj = {
version => '1.1',
- id => correct_urlbase(),
+ id => Bugzilla->localconfig->{urlbase},
method => $self->bz_method_name,
params => $params
};