From 40e28180ebcc7996ff3c8e1a20439c019d6bd6b6 Mon Sep 17 00:00:00 2001
From: Byron Jones <bjones@mozilla.com>
Date: Wed, 29 Feb 2012 12:54:01 +0800
Subject: Bug 731219: Fix XMLRPC breakage when content-type contains a charset
 r=dkl, a=LpSolit

---
 Bugzilla/WebService/Server/XMLRPC.pm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'Bugzilla/WebService/Server')

diff --git a/Bugzilla/WebService/Server/XMLRPC.pm b/Bugzilla/WebService/Server/XMLRPC.pm
index 33a1e92d3..e8fb5de99 100644
--- a/Bugzilla/WebService/Server/XMLRPC.pm
+++ b/Bugzilla/WebService/Server/XMLRPC.pm
@@ -80,7 +80,10 @@ sub deserialize {
     my $self = shift;
 
     # Only allow certain content types to protect against CSRF attacks
-    if (!grep($_ eq $ENV{'CONTENT_TYPE'}, XMLRPC_CONTENT_TYPE_WHITELIST)) {
+    my $content_type = lc($ENV{'CONTENT_TYPE'});
+    # Remove charset, etc, if provided
+    $content_type =~ s/^([^;]+);.*/$1/;
+    if (!grep($_ eq $content_type, XMLRPC_CONTENT_TYPE_WHITELIST)) {
         ThrowUserError('xmlrpc_illegal_content_type',
                        { content_type => $ENV{'CONTENT_TYPE'} });
     }
-- 
cgit v1.2.3-24-g4f1b