From 534fc2123e40b7517aeaffd709faf72af97ac3b8 Mon Sep 17 00:00:00 2001
From: Dylan Hardison <dylan@mozilla.com>
Date: Thu, 5 Nov 2015 00:28:14 -0500
Subject: Bug 1196743 - Fix information disclosure vulnerability that allows
 attacker to obtain victim's GitHub OAuth return code

---
 .../account/auth/login-small-additional_methods.html.tmpl    | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'extensions/GitHubAuth/template/en/default/hook/account/auth/login-small-additional_methods.html.tmpl')

diff --git a/extensions/GitHubAuth/template/en/default/hook/account/auth/login-small-additional_methods.html.tmpl b/extensions/GitHubAuth/template/en/default/hook/account/auth/login-small-additional_methods.html.tmpl
index 6c4582b70..f32b34a59 100644
--- a/extensions/GitHubAuth/template/en/default/hook/account/auth/login-small-additional_methods.html.tmpl
+++ b/extensions/GitHubAuth/template/en/default/hook/account/auth/login-small-additional_methods.html.tmpl
@@ -5,6 +5,7 @@
   # This Source Code Form is "Incompatible With Secondary Licenses", as
   # defined by the Mozilla Public License, v. 2.0.
   #%]
+[% USE Bugzilla %]
 
 [% IF Param('user_info_class').split(',').contains('GitHubAuth') %]
   <script type="text/javascript">
@@ -18,9 +19,12 @@
    });
   </script>
   <span id="github_mini_login[% qs_suffix FILTER html %]" class="bz_default_hidden">
-    <a href="[% github_auth.login FILTER html %]">
-      <img src="extensions/GitHubAuth/web/images/sign_in.png" height="22" width="75" align="absmiddle"
-           alt="Sign in with GitHub"
-           title="Sign in with GitHub"></a> or
+    <form method="post" action="[% urlbase FILTER html %]github.cgi">
+      <input type="hidden" name="github_secret" value="[% Bugzilla.github_secret FILTER html %]">
+      <input type="hidden" name="target_uri" value="[% Bugzilla.cgi.target_uri FILTER html %]">
+        <input type="image" src="extensions/GitHubAuth/web/images/sign_in.png" height="22" width="75" align="absmiddle"
+             alt="Sign in with GitHub"
+             title="Sign in with GitHub"></a> or
+    </form>
   </span>
 [% END %]
-- 
cgit v1.2.3-24-g4f1b