aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbugreport%peshkin.net <>2004-07-10 14:12:21 +0000
committerbugreport%peshkin.net <>2004-07-10 14:12:21 +0000
commita987df219a7aa54ae2429488f9f5655402463dc5 (patch)
tree5c4c7870574439391143e1c47b38be08686585b3 /chart.cgi
parentBug 242405 Turning on QA contact causes taint error in Bugzilla/Series.pm whe... (diff)
downloadbugzilla-a987df219a7aa54ae2429488f9f5655402463dc5.tar.gz
bugzilla-a987df219a7aa54ae2429488f9f5655402463dc5.tar.bz2
bugzilla-a987df219a7aa54ae2429488f9f5655402463dc5.zip
Bug 235510: Do not expose user password in URL to chart image if login required to access a chart
patch by gerv r=kiko a=justdave
Diffstat (limited to 'chart.cgi')
-rwxr-xr-xchart.cgi3
1 files changed, 2 insertions, 1 deletions
diff --git a/chart.cgi b/chart.cgi
index b6f7f746b..d3f6f5ccc 100755
--- a/chart.cgi
+++ b/chart.cgi
@@ -284,7 +284,8 @@ sub wrap {
$vars->{'time'} = time();
$vars->{'imagebase'} = $cgi->canonicalise_query(
- "action", "action-wrap", "ctype", "format", "width", "height");
+ "action", "action-wrap", "ctype", "format", "width", "height",
+ "Bugzilla_login", "Bugzilla_password");
print "Content-Type:text/html\n\n";
$template->process("reports/chart.html.tmpl", $vars)