Commit a987df21 authored by bugreport%peshkin.net's avatar bugreport%peshkin.net

Bug 235510: Do not expose user password in URL to chart image if login required to access a chart

patch by gerv r=kiko a=justdave
parent c50567b3
...@@ -284,7 +284,8 @@ sub wrap { ...@@ -284,7 +284,8 @@ sub wrap {
$vars->{'time'} = time(); $vars->{'time'} = time();
$vars->{'imagebase'} = $cgi->canonicalise_query( $vars->{'imagebase'} = $cgi->canonicalise_query(
"action", "action-wrap", "ctype", "format", "width", "height"); "action", "action-wrap", "ctype", "format", "width", "height",
"Bugzilla_login", "Bugzilla_password");
print "Content-Type:text/html\n\n"; print "Content-Type:text/html\n\n";
$template->process("reports/chart.html.tmpl", $vars) $template->process("reports/chart.html.tmpl", $vars)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment