From de49ecc0ca26af7d391286d1a4b17af11920a1fd Mon Sep 17 00:00:00 2001 From: Dylan William Hardison Date: Tue, 21 Jul 2015 11:19:15 -0400 Subject: Bug 1175985 - Bugzilla Sensitive Information Disclosure Vulnerability --- extensions/GitHubAuth/Extension.pm | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'extensions/GitHubAuth') diff --git a/extensions/GitHubAuth/Extension.pm b/extensions/GitHubAuth/Extension.pm index dee927165..d68934be4 100644 --- a/extensions/GitHubAuth/Extension.pm +++ b/extensions/GitHubAuth/Extension.pm @@ -54,6 +54,15 @@ sub template_before_create { }; } +sub attachment_should_redirect_login { + my ($self, $args) = @_; + my $cgi = Bugzilla->cgi; + + if ($cgi->param('github_state') || $cgi->param('github_email')) { + ${$args->{do_redirect}} = 1; + } +} + sub auth_login_methods { my ($self, $args) = @_; my $modules = $args->{'modules'}; -- cgit v1.2.3-24-g4f1b