diff options
| author |   dkl%redhat.com <> | 2008-07-10 09:56:11 +0000 |
|---|---|---|
| committer | dkl%redhat.com <> | 2008-07-10 09:56:11 +0000 |
| commit | a7e7ed0f3a1d29800187a216b0363e0276d2f4ec (patch) | |
| tree | 3a432943e95f96181b967935b22b89c8837839dd /xmlrpc.cgi | |
| parent | Bug 441496 - Use server push (multipart/x-mixed-replace) with compatible vers... (diff) | |
| download | bugzilla-a7e7ed0f3a1d29800187a216b0363e0276d2f4ec.tar.gz bugzilla-a7e7ed0f3a1d29800187a216b0363e0276d2f4ec.tar.bz2 bugzilla-a7e7ed0f3a1d29800187a216b0363e0276d2f4ec.zip | |
Bug 428659 â Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
Diffstat (limited to 'xmlrpc.cgi')
| -rwxr-xr-x | xmlrpc.cgi | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/xmlrpc.cgi b/xmlrpc.cgi index 324382ea2..5ca40bef0 100755 --- a/xmlrpc.cgi +++ b/xmlrpc.cgi @@ -53,5 +53,9 @@ my $dispatch = { my $response = Bugzilla::WebService::XMLRPC::Transport::HTTP::CGI ->dispatch_with($dispatch) - ->on_action(sub { Bugzilla::WebService::handle_login($dispatch, @_) } ) + ->on_action(sub { + my ($action, $uri, $method) = @_; + Bugzilla::WebService::handle_login($dispatch, @_); + Bugzilla::WebService::handle_redirect(@_); + } ) ->handle; |