From 8f2bc1b07ce4150a878e80f5bce09e819cbfd414 Mon Sep 17 00:00:00 2001
From: "mkanat%kerio.com" <>
Date: Thu, 12 May 2005 08:52:13 +0000
Subject: Bug 287436: [SECURITY] After having logged in, links to change the
 report type contain username and password Patch By Marc Schumann
 <wurblzap@gmail.com> r=gerv, a=justdave

---
 Bugzilla/Auth/Login/WWW/CGI.pm | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'Bugzilla/Auth')

diff --git a/Bugzilla/Auth/Login/WWW/CGI.pm b/Bugzilla/Auth/Login/WWW/CGI.pm
index d99cd3b80..98fd3a6d3 100644
--- a/Bugzilla/Auth/Login/WWW/CGI.pm
+++ b/Bugzilla/Auth/Login/WWW/CGI.pm
@@ -50,6 +50,8 @@ sub login {
     # First, try the actual login method against form variables
     my $username = $cgi->param("Bugzilla_login");
     my $passwd = $cgi->param("Bugzilla_password");
+    
+    $cgi->delete('Bugzilla_login', 'Bugzilla_password');
 
     my $authmethod = Param("user_verify_class");
     my ($authres, $userid, $extra, $info) =
-- 
cgit v1.2.3-24-g4f1b