From e2252835e8e96371d6536af5dbd72a79e6ed05b5 Mon Sep 17 00:00:00 2001
From: "mkanat%kerio.com" <>
Date: Thu, 12 May 2005 09:07:09 +0000
Subject: Bug 287109: [SECURITY] Names of private products/components can be
 exposed on certain CGIs Patch By Frederic Buclin <LpSolit@gmail.com> r=myk,
 r=joel, a=justdave

---
 post_bug.cgi | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'post_bug.cgi')

diff --git a/post_bug.cgi b/post_bug.cgi
index 9a4860409..b9d63b3fe 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -79,11 +79,10 @@ $template->process($format->{'template'}, $vars, \$comment)
 ValidateComment($comment);
 
 # Check that the product exists and that the user
-# is allowed to submit bugs in this product.
+# is allowed to enter bugs into this product.
 my $product = $cgi->param('product');
-if (!CanEnterProduct($product)) {
-    ThrowUserError("entry_access_denied", {product => $product});
-}
+CanEnterProductOrWarn($product);
+
 my $product_id = get_product_id($product);
 
 # Set cookies
-- 
cgit v1.2.3-24-g4f1b