From 16122921b2f68b490a61cd80ae9ea5ee661ae11b Mon Sep 17 00:00:00 2001
From: David Lawrence <dkl@mozilla.com>
Date: Wed, 21 Jan 2015 20:37:49 +0000
Subject: Bug 1090275: WebServices modules should maintain a whitelist of
 methods that are allowed instead of allowing access to any function imported
 into its namespace r=dylan,a=glob

---
 Bugzilla/WebService.pm | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'Bugzilla/WebService.pm')

diff --git a/Bugzilla/WebService.pm b/Bugzilla/WebService.pm
index 1bdeb49d1..f80813744 100644
--- a/Bugzilla/WebService.pm
+++ b/Bugzilla/WebService.pm
@@ -27,6 +27,10 @@ use constant LOGIN_EXEMPT => { };
 # Methods that can modify data MUST not be listed here.
 use constant READ_ONLY => ();
 
+# Whitelist of methods that a client is allowed to access when making
+# an API call.
+use constant PUBLIC_METHODS => ();
+
 sub login_exempt {
     my ($class, $method) = @_;
     return $class->LOGIN_EXEMPT->{$method};
-- 
cgit v1.2.3-24-g4f1b