Closed
Bug 1424408
Opened 8 years ago
Closed 8 years ago
"Sign in with GitHub" button triggers a bugzilla security error, if I'm viewing a page with e.g. "t="
Categories: bugzilla.mozilla.org :: Extensions, defect
Status: VERIFIED FIXED
People: Reporter: dholbert, Unassigned
Attachments: 2 files
STR:
1. Visit this link, in a fresh profile:
https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=SVG
2. Click the "Sign in with GitHub" button
ACTUAL RESULTS:
You get taken to an error page:
> Bugzilla has suffered an internal error:
> Bugzilla prevented you from logging in from a page
> containing private information.
EXPECTED RESULTS:
I should've been redirected to the GitHub login form.
This works correctly from pages like
https://bugzilla.mozilla.org/enter_bug.cgi
...but not if I try to pre-enter the product & component like:
https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=SVG
I'm guessing this is some "did you accidentally give us your github username/password" logic, which has gone haywire/extra-severe?
Comment 1•8 years ago (Reporter)
Background: I just got an emailed report of an SVG bug, and I replied asking the person to file a bug at this URL:
https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=SVG
...and I told them they could even log in with a GitHub-login-flow if they don't want to bother creating a Bugzilla account. (intending to save them a little time / mental burden)
Little did I know, this turned out to actually be a footgun. :D hence, this bug.
Comment 2•8 years ago
So the fellow that ported this to upstream actually pointed this out last week: we're matching against the 't' in component there.
It'll be fixed next push.
Updated•8 years ago
Assignee: nobody → dylan
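The failure mode described in comment 2, as an added example that is not part of the original thread and is not Bugzilla's own code: a substring test for "t=" flags `product=` and `component=`, while comparing whole, decoded parameter names does not. The function names, the `SENSITIVE_PARAMS` set and the `example.test` URLs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Assumption: only "t" is named on the page; a real deployment would list
# every parameter that can carry a secret.
SENSITIVE_PARAMS = {"t"}


def substring_check(url: str) -> bool:
    """Over-broad check: flags any URL containing the text 't='."""
    return "t=" in url


def sensitive_params_in(url: str) -> set:
    """Return the sensitive parameter names actually present in the query."""
    found = set()
    # Query fields may be separated by '&' or ';'.
    for field in re.split(r"[&;]", urlsplit(url).query):
        if not field:
            continue
        # Compare the whole, percent-decoded name, never a fragment of it.
        name = unquote_plus(field.split("=", 1)[0])
        if name in SENSITIVE_PARAMS:
            found.add(name)
    return found


def parsed_check(url: str) -> bool:
    """Flag the URL only when a sensitive parameter is really present."""
    return bool(sensitive_params_in(url))


# The first two URLs are from the report; the last two are constructed.
SAMPLES = [
    "https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=SVG",
    "https://bugzilla.mozilla.org/enter_bug.cgi",
    "https://bugzilla.example.test/page.cgi?id=1&t=CONSTRUCTED-VALUE",
    "https://bugzilla.example.test/page.cgi?id=1;%74=CONSTRUCTED-VALUE",
]


def compare(urls=SAMPLES):
    """Return (substring_check, parsed_check) for each URL."""
    return [(substring_check(u), parsed_check(u)) for u in urls]


if __name__ == "__main__":
    for url, (naive, parsed) in zip(SAMPLES, compare()):
        print(f"substring={naive!s:5} parsed={parsed!s:5} {url}")
```

The substring test is wrong in both directions: it blocks the harmless pre-filled URL from the report and misses the constructed URL whose parameter name is percent-encoded.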
Comment 3•8 years ago
Comment 4•8 years ago (Reporter)
Comment 5•8 years ago (Reporter)
Wow! Was not expecting to see a patch before I could even capture & attach a screencast. :D
Thanks!
Updated•8 years ago
Summary: "Sign in with GitHub" button triggers a bugzilla security error, if I'm viewing a page with e.g. "&product=Core&component=SVG" in the URL → "Sign in with GitHub" button triggers a bugzilla security error, if I'm viewing a page with e.g. "t="
Comment 6•8 years ago
Comment on attachment 8935933 [details] [review]
PR
r=dkl
Attachment #8935933 - Flags: review+
Updated•8 years ago
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Comment 7•8 years ago (Reporter)
Verified fixed. STR now take me to a github login page, as expected. Thanks!
Status: RESOLVED → VERIFIED
Updated•6 years ago
Assignee: dylan → nobody
Component: Extensions: GitHubAuth → Extensions