Closed
Bug 329334
Opened 19 years ago
Closed 19 years ago
User::match_field() may redirect you outside your Bugzilla installation
Categories
(Bugzilla :: Bugzilla-General, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.20
People
(Reporter: LpSolit, Assigned: LpSolit)
References
Details
Attachments
(1 file)
776 bytes,
patch
|
myk
:
review+
|
Details | Diff | Splinter Review |
The problem is the same as in bug 325079, i.e. User::match_field() uses $ENV{'SCRIPT_NAME'} in the confirmation page to redirect you to the appropriate page. But if the URL is of the form http://foo.com//bugzilla/bar.cgi, you are redirected to //bugzilla/bar.cgi. That's what happended to me a few minutes ago.
Assignee | ||
Comment 1•19 years ago
|
||
Similar fix as in bug 325079, except I don't include Param('urlbase'), which is useless here.
Attachment #213987 -
Flags: review?(myk)
Updated•19 years ago
|
Attachment #213987 -
Flags: review?(myk) → review+
Updated•19 years ago
|
Flags: approval+
Updated•19 years ago
|
Flags: approval2.22+
Flags: approval2.20+
Assignee | ||
Comment 2•19 years ago
|
||
tip:
Checking in Bugzilla/User.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla/User.pm,v <-- User.pm
new revision: 1.104; previous revision: 1.103
done
2.22rc1:
Checking in Bugzilla/User.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla/User.pm,v <-- User.pm
new revision: 1.101.2.2; previous revision: 1.101.2.1
done
2.20.1:
Checking in Bugzilla/User.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla/User.pm,v <-- User.pm
new revision: 1.61.2.19; previous revision: 1.61.2.18
done
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 3•18 years ago
|
||
*** Bug 281644 has been marked as a duplicate of this bug. ***
Assignee | ||
Updated•18 years ago
|
Flags: testcase?
Assignee | ||
Updated•14 years ago
|
Flags: testcase?
You need to log in
before you can comment on or make changes to this bug.
Description
•