From a987df219a7aa54ae2429488f9f5655402463dc5 Mon Sep 17 00:00:00 2001
From: "bugreport%peshkin.net" <>
Date: Sat, 10 Jul 2004 14:12:21 +0000
Subject: Bug 235510: Do not expose user password in URL to chart image if
 login required to access a chart patch by gerv r=kiko a=justdave

---
 chart.cgi | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'chart.cgi')

diff --git a/chart.cgi b/chart.cgi
index b6f7f746b..d3f6f5ccc 100755
--- a/chart.cgi
+++ b/chart.cgi
@@ -284,7 +284,8 @@ sub wrap {
     $vars->{'time'} = time();
 
     $vars->{'imagebase'} = $cgi->canonicalise_query(
-                "action", "action-wrap", "ctype", "format", "width", "height");
+                "action", "action-wrap", "ctype", "format", "width", "height",
+                "Bugzilla_login", "Bugzilla_password");
 
     print "Content-Type:text/html\n\n";
     $template->process("reports/chart.html.tmpl", $vars)
-- 
cgit v1.2.3-24-g4f1b