From ad1e3aef99b806d7f4a5bd18aa0c8cc6102f62e6 Mon Sep 17 00:00:00 2001
From: David Lawrence
Date: Mon, 24 Jan 2011 14:35:31 -0500
Subject: Bug 621105 - [SECURITY] Voting lacks CSRF protection r=mkanat,a=LpSolit
---
extensions/Voting/Extension.pm | 4 ++++
1 file changed, 4 insertions(+)
(limited to 'extensions/Voting/Extension.pm')
diff --git a/extensions/Voting/Extension.pm b/extensions/Voting/Extension.pm
index d94ff8430..8417e0ec3 100644
--- a/extensions/Voting/Extension.pm
+++ b/extensions/Voting/Extension.pm
@@ -36,6 +36,7 @@ use Bugzilla::Field;
 use Bugzilla::Mailer;
 use Bugzilla::User;
 use Bugzilla::Util qw(detaint_natural);
+use Bugzilla::Token;
 use List::Util qw(min);
@@ -529,6 +530,9 @@ sub _update_votes {
 || ThrowUserError("voting_must_be_nonnegative");
 }
+ my $token = $cgi->param('token');
+ check_hash_token($token, ['vote']);
+
 ############################################################################
 # End Data/Security Validation
 ############################################################################
--
cgit v1.2.3-24-g4f1b
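Review bot: In the second hunk the CSRF check is placed after the vote-value validation has already run on attacker-controlled input, so a forged request with a negative vote is rejected by `ThrowUserError("voting_must_be_nonnegative")` before the token is ever inspected; moving `check_hash_token($cgi->param('token'), ['vote']);` to the top of the validation block (the body of `_update_votes` begins outside this hunk) makes the token the first gate and keeps the response uniform regardless of the submitted values. The diffstat shown here is filtered to this one file, so the form side that must emit a matching `token` field (presumably via `issue_hash_token(['vote'])` from Bugzilla::Token) is not visible; if that template change is not part of the same commit, every legitimate submission would presumably fail the new check, which is worth confirming. A short why-comment above the new lines would also help the next reader: `# CSRF guard: the request must carry a hash token issued for the 'vote' action.`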