Commit 81c26ce6 authored by Hugo Seabrook's avatar Hugo Seabrook Committed by Frédéric Buclin

Bug 825758: Most Bugzilla::BugUrl::* modules incorrectly validate the domain name

r/a=LpSolit
parent 2392c2c8
......@@ -19,7 +19,7 @@ sub should_handle {
# Debian BTS URLs can look like various things:
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1234
# http://bugs.debian.org/1234
return ($uri->authority =~ /^bugs.debian.org$/i
return (lc($uri->authority) eq 'bugs.debian.org'
and (($uri->path =~ /bugreport\.cgi$/
and $uri->query_param('bug') =~ m|^\d+$|)
or $uri->path =~ m|^/\d+$|)) ? 1 : 0;
......
......@@ -18,7 +18,7 @@ sub should_handle {
# GitHub issue URLs have only one form:
# https://github.com/USER_OR_TEAM_OR_ORGANIZATION_NAME/REPOSITORY_NAME/issues/111
return ($uri->authority =~ /^github.com$/i
return (lc($uri->authority) eq 'github.com'
and $uri->path =~ m|^/[^/]+/[^/]+/issues/\d+$|) ? 1 : 0;
}
......
......@@ -18,7 +18,7 @@ sub should_handle {
# Google Code URLs only have one form:
# http(s)://code.google.com/p/PROJECT_NAME/issues/detail?id=1234
return ($uri->authority =~ /^code.google.com$/i
return (lc($uri->authority) eq 'code.google.com'
and $uri->path =~ m|^/p/[^/]+/issues/detail$|
and $uri->query_param('id') =~ /^\d+$/) ? 1 : 0;
}
......
......@@ -20,7 +20,7 @@ sub should_handle {
# https://bugs.launchpad.net/ubuntu/+bug/1234
# https://launchpad.net/bugs/1234
# All variations end with either "/bugs/1234" or "/+bug/1234"
return ($uri->authority =~ /launchpad.net$/
return ($uri->authority =~ /launchpad\.net$/
and $uri->path =~ m|bugs?/\d+$|) ? 1 : 0;
}
......
......@@ -18,7 +18,7 @@ sub should_handle {
# SourceForge tracker URLs have only one form:
# http://sourceforge.net/tracker/?func=detail&aid=111&group_id=111&atid=111
return ($uri->authority =~ /^sourceforge.net$/i
return (lc($uri->authority) eq 'sourceforge.net'
and $uri->path =~ m|/tracker/|
and $uri->query_param('func') eq 'detail'
and $uri->query_param('aid')
......
......@@ -18,7 +18,7 @@ sub should_handle {
# GetSatisfaction URLs only have one form:
# http(s)://getsatisfaction.com/PROJECT_NAME/topics/TOPIC_NAME
return ($uri->authority =~ /^getsatisfaction.com$/i
return (lc($uri->authority) eq 'getsatisfaction.com'
and $uri->path =~ m|^/[^/]+/topics/[^/]+$|) ? 1 : 0;
}
......
......@@ -18,8 +18,8 @@ sub should_handle {
# PHP Bug URLs have only one form:
# https://bugs.php.net/bug.php?id=1234
return ($uri->authority =~ /^bugs.php.net$/i
and $uri->path =~ m|/bug.php$|
return (lc($uri->authority) eq 'bugs.php.net'
and $uri->path =~ m|/bug\.php$|
and $uri->query_param('id') =~ /^\d+$/) ? 1 : 0;
}
......
......@@ -19,7 +19,7 @@ sub should_handle {
# RT URLs can look like various things:
# http://example.com/rt/Ticket/Display.html?id=1234
# https://example.com/Public/Bug/Display.html?id=1234
return ($uri->path =~ m|/Display.html$|
return ($uri->path =~ m|/Display\.html$|
and $uri->query_param('id') =~ /^\d+$/) ? 1 : 0;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment