From 8d70890dc0b7c24b25a344808ac4e63e6a5dd74e Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Mon, 2 Feb 2009 18:21:33 +0000 Subject: Bug 38862: [SECURITY] attachments should be at a different hostname - Patch by Byron Jones and Frédéric Buclin r=mkanat a=LpSolit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Bugzilla/Util.pm | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'Bugzilla/Util.pm') diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 01f824c5b..951c4df3c 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -36,7 +36,7 @@ use base qw(Exporter); html_quote url_quote xml_quote css_class_quote html_light_quote url_decode i_am_cgi get_netaddr correct_urlbase - lsearch ssl_require_redirect + lsearch ssl_require_redirect use_attachbase diff_arrays diff_strings trim wrap_hard wrap_comment find_wrap_point format_time format_time_decimal validate_date @@ -294,6 +294,13 @@ sub correct_urlbase { return Bugzilla->params->{'urlbase'}; } +sub use_attachbase { + my $attachbase = Bugzilla->params->{'attachment_base'}; + return ($attachbase ne '' + && $attachbase ne Bugzilla->params->{'urlbase'} + && $attachbase ne Bugzilla->params->{'sslbase'}) ? 1 : 0; +} + sub lsearch { my ($list,$item) = (@_); my $count = 0; @@ -803,6 +810,11 @@ cookies) to only some addresses. Returns either the C or C parameter, depending on the current setting for the C parameter. +=item C + +Returns true if an alternate host is used to display attachments; false +otherwise. + =back =head2 Searching -- cgit v1.2.3-24-g4f1b