From a05220de2e69d4b6ef212d1f3556fa848b6e1508 Mon Sep 17 00:00:00 2001 From: Dave Lawrence Date: Fri, 10 Aug 2012 16:57:23 -0400 Subject: Bug 779088 - Allow extensions to whitelist PATH_INFO r/a=LpSolit --- Bugzilla/CGI.pm | 12 +++++++++--- Bugzilla/Hook.pm | 16 ++++++++++++++++ 2 files changed, 25 insertions(+), 3 deletions(-) (limited to 'Bugzilla') diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index cb09c0066..febbff618 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -59,14 +59,20 @@ sub new { # Path-Info is of no use for Bugzilla and interacts badly with IIS. # Moreover, it causes unexpected behaviors, such as totally breaking - # the rendering of pages. Skip it! - print $self->redirect($self->url(-path => 0, -query => 1)) if $self->path_info; + # the rendering of pages. + my $script = basename($0); + if ($self->path_info) { + my @whitelist; + Bugzilla::Hook::process('path_info_whitelist', { whitelist => \@whitelist }); + if (!grep($_ eq $script, @whitelist)) { + print $self->redirect($self->url(-path => 0, -query => 1)); + } + } # Send appropriate charset $self->charset(Bugzilla->params->{'utf8'} ? 'UTF-8' : ''); # Redirect to urlbase/sslbase if we are not viewing an attachment. - my $script = basename($0); if ($self->url_is_attachment_base and $script ne 'attachment.cgi') { $self->redirect_to_urlbase(); } diff --git a/Bugzilla/Hook.pm b/Bugzilla/Hook.pm index 730170663..3b8b52805 100644 --- a/Bugzilla/Hook.pm +++ b/Bugzilla/Hook.pm @@ -1289,6 +1289,22 @@ your template. =back +=head2 path_info_whitelist + +By default, Bugzilla removes the Path-Info information from URLs before +passing data to CGI scripts. If this information is needed for your +customizations, you can enumerate the pages you want to whitelist here. + +Params: + +=over + +=item C + +An array of script names that will not have their Path-Info automatically +removed. + +=back =head2 post_bug_after_creation -- cgit v1.2.3-24-g4f1b