From 534fc2123e40b7517aeaffd709faf72af97ac3b8 Mon Sep 17 00:00:00 2001
From: Dylan Hardison <dylan@mozilla.com>
Date: Thu, 5 Nov 2015 00:28:14 -0500
Subject: Bug 1196743 - Fix information disclosure vulnerability that allows
 attacker to obtain victim's GitHub OAuth return code

---
 extensions/GitHubAuth/lib/Util.pm | 35 -----------------------------------
 1 file changed, 35 deletions(-)
 delete mode 100644 extensions/GitHubAuth/lib/Util.pm

(limited to 'extensions/GitHubAuth/lib/Util.pm')

diff --git a/extensions/GitHubAuth/lib/Util.pm b/extensions/GitHubAuth/lib/Util.pm
deleted file mode 100644
index bda76a420..000000000
--- a/extensions/GitHubAuth/lib/Util.pm
+++ /dev/null
@@ -1,35 +0,0 @@
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-#
-# This Source Code Form is "Incompatible With Secondary Licenses", as
-# defined by the Mozilla Public License, v. 2.0.
-
-package Bugzilla::Extension::GitHubAuth::Util;
-
-use strict;
-use warnings;
-
-use Bugzilla::Util qw(correct_urlbase);
-use URI;
-
-use base qw(Exporter);
-our @EXPORT = qw( target_uri );
-
-
-# this is like correct_urlbase() except it returns the *requested* uri, before http url rewrites have been applied.
-# needed to generate github's redirect_uri.
-sub target_uri {
-    my $cgi = Bugzilla->cgi;
-    my $base = URI->new(correct_urlbase());
-    if (my $request_uri = $cgi->request_uri) {
-        $base->path('');
-        $request_uri =~ s!^/+!!;
-        return URI->new($base . "/" . $request_uri);
-    }
-    else {
-        return URI->new(correct_urlbase() . $cgi->url(-relative => 1, query => ));
-    }
-}
-
-1;
-- 
cgit v1.2.3-24-g4f1b