Bug 768870 - No token assigned to "Un-forget the search"
Status: RESOLVED FIXED
: regression
Product: Bugzilla
Classification: Server Software
Component: Query/Bug List
: 4.0.6
: All All
: -- minor
: Bugzilla 4.0
Assigned To: Frédéric Buclin
: default-qa
Mentors:
Depends on: CVE-2011-0046
Blocks:
Reported: 2012-06-27 06:41 PDT by laurens.bal
Modified: 2012-09-07 22:49 PDT
LpSolit: approval+
LpSolit: approval4.2+
LpSolit: approval4.0+
See Also:
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
patch, v1 (1.01 KB, patch)
2012-06-27 07:30 PDT, Frédéric Buclin
glob: review+

Description laurens.bal 2012-06-27 06:41:47 PDT
Step 1: Login with your account on bugzilla.mozilla.org
Step 2: Use query.cgi to perform a search
Step 3: Save your requested search as "mysearch"
Step 4: Click on the link "Forget Search Mysearch"
Step 5: Click now on the link "Un-forget the search"

You will now be redirected to a page that asks for the token, because there is no token added to this request.

Greets,

Laurens
Comment 1 Frédéric Buclin 2012-06-27 07:29:13 PDT
Regression due to bug 621090. As we regressed this in 4.0, we should fix it there too, despite not being a security issue. Patch coming.
Comment 2 Frédéric Buclin 2012-06-27 07:30:38 PDT
Created attachment 637112
patch, v1
Comment 3 Byron Jones ‹:glob› 2012-06-27 08:32:27 PDT
Comment on attachment 637112
patch, v1

r=glob
Comment 4 Frédéric Buclin 2012-06-27 09:14:08 PDT
Committing to: bzr+ssh://lpsolit%40gmail.com@bzr.mozilla.org/bugzilla/trunk/
modified buglist.cgi
Committed revision 8278.

Committing to: bzr+ssh://lpsolit%40gmail.com@bzr.mozilla.org/bugzilla/4.2/
modified buglist.cgi
Committed revision 8099.

Committing to: bzr+ssh://lpsolit%40gmail.com@bzr.mozilla.org/bugzilla/4.0/
modified buglist.cgi
Committed revision 7711.
Comment 5 Reed Loden [:reed] (use needinfo?) 2012-06-27 23:29:39 PDT
This has been deployed on bmo.
Comment 6 Jeren 2012-09-07 22:49:22 PDT
Comment on attachment 637112
patch, v1

>Index: buglist.cgi
>===================================================================
>RCS file: /cvsroot/mozilla/webtools/bugzilla/buglist.cgi,v
>retrieving revision 1.444
>diff -p -u -r1.444 buglist.cgi
>--- buglist.cgi	7 Jun 2012 21:45:44 -0000	1.444
>+++ buglist.cgi	27 Jun 2012 14:29:44 -0000
>@@ -422,7 +422,9 @@ if ($cmdtype eq "dorem") {  
>         # Generate and return the UI (HTML page) from the appropriate template.
>         $vars->{'message'} = "buglist_query_gone";
>         $vars->{'namedcmd'} = $qname;
>-        $vars->{'url'} = "buglist.cgi?newquery=" . url_quote($buffer) . "&cmdtype=doit&remtype=asnamed&newqueryname=" . url_quote($qname);
>+        $vars->{'url'} = "buglist.cgi?newquery=" . url_quote($buffer)
>+                         . "&cmdtype=doit&remtype=asnamed&newqueryname=" . url_quote($qname)
>+                         . "&token=" . url_quote(issue_hash_token(['savedsearch']));
>         $template->process("global/message.html.tmpl", $vars)
>           || ThrowTemplateError($template->error());
>         exit;
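
Review bot: On the added `. "&token=" . url_quote(issue_hash_token(['savedsearch']));` line, the hashed data is only the constant 'savedsearch', so the token is not tied to $qname or $buffer, and it travels in a GET query string next to the full query, where it can be recorded in browser history and server logs. If the code that handles cmdtype=doit&remtype=asnamed can be changed in the same patch, consider adding the search name to the hashed data on both the issuing and the checking side. Failing that, a one-line comment above this assignment naming the check the token has to satisfy would help, since comment 1 describes this bug as a regression and nothing in the hunk records why the link needs a token.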
