diff options
| author |   Frédéric Buclin <LpSolit@gmail.com> | 2011-01-24 18:12:29 +0100 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2011-01-24 18:12:29 +0100 |
| commit | 10b4a9266d92269fd48d12d1a6de983858ea9b74 (patch) | |
| tree | ff5fa498403d5f40f6a68daa5752152ed6f137ea /chart.cgi | |
| parent | Bug 621107: [SECURITY] Sanity checking lacks CSRF protection (diff) | |
| download | bugzilla-10b4a9266d92269fd48d12d1a6de983858ea9b74.tar.gz bugzilla-10b4a9266d92269fd48d12d1a6de983858ea9b74.tar.bz2 bugzilla-10b4a9266d92269fd48d12d1a6de983858ea9b74.zip | |
Bug 621108: [SECURITY] Creating/editing charts lacks CSRF protection
r=dkl a=LpSolit
Diffstat (limited to 'chart.cgi')
| -rwxr-xr-x | chart.cgi | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -146,6 +146,8 @@ elsif ($action eq "wrap") { } elsif ($action eq "create") { assertCanCreate($cgi); + my $token = $cgi->param('token'); + check_hash_token($token, ['create-series']); my $series = new Bugzilla::Series($cgi); @@ -164,9 +166,11 @@ elsif ($action eq "edit") { edit($series); } elsif ($action eq "alter") { - assertCanEdit($series_id); + my $series = assertCanEdit($series_id); + my $token = $cgi->param('token'); + check_hash_token($token, [$series->id, $series->name]); # XXX - This should be replaced by $series->set_foo() methods. - my $series = new Bugzilla::Series($cgi); + $series = new Bugzilla::Series($cgi); # We need to check if there is _another_ series in the database with # our (potentially new) name. So we call existsInDatabase() to see if |