Commit 6896e046 authored by Frédéric Buclin's avatar Frédéric Buclin

Bug 1255619: CGI scripts should not send duplicated headers

r/a=dkl
parent 6e0182e5
...@@ -66,7 +66,7 @@ sub new { ...@@ -66,7 +66,7 @@ sub new {
# else we will be redirected outside Bugzilla. # else we will be redirected outside Bugzilla.
my $script_name = $self->script_name; my $script_name = $self->script_name;
$path_info =~ s/^\Q$script_name\E//; $path_info =~ s/^\Q$script_name\E//;
if ($path_info) { if ($script_name && $path_info) {
print $self->redirect($self->url(-path => 0, -query => 1)); print $self->redirect($self->url(-path => 0, -query => 1));
} }
} }
...@@ -283,7 +283,7 @@ sub close_standby_message { ...@@ -283,7 +283,7 @@ sub close_standby_message {
print $self->multipart_end(); print $self->multipart_end();
print $self->multipart_start(-type => $contenttype); print $self->multipart_start(-type => $contenttype);
} }
else { elsif (!$self->{_header_done}) {
print $self->header($contenttype); print $self->header($contenttype);
} }
} }
...@@ -356,6 +356,7 @@ sub header { ...@@ -356,6 +356,7 @@ sub header {
Bugzilla::Hook::process('cgi_headers', Bugzilla::Hook::process('cgi_headers',
{ cgi => $self, headers => \%headers } { cgi => $self, headers => \%headers }
); );
$self->{_header_done} = 1;
return $self->SUPER::header(%headers) || ""; return $self->SUPER::header(%headers) || "";
} }
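Review bot: `header` now records `$self->{_header_done} = 1` but never reads it, so only `close_standby_message` is protected; any other path that calls `header` twice would still print a second header block into the response body, where values such as cookies could end up as page content. If a second call is never legitimate outside the multipart case, a guard at the top of `header` would make that explicit. Otherwise a comment such as `# Lets close_standby_message() skip a second header; header() itself is not idempotent.` would document the limit. In the `new` hunk, `if ($script_name && $path_info)` skips the redirect when `script_name` is empty, while the comment above says the redirect exists to avoid being sent outside Bugzilla, so a line stating when `script_name` is empty and why skipping is safe would help. All three subs extend beyond the visible hunks.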
......
...@@ -27,7 +27,6 @@ local our $vars = {}; ...@@ -27,7 +27,6 @@ local our $vars = {};
sub LoadTemplate { sub LoadTemplate {
my $action = shift; my $action = shift;
my $cgi = Bugzilla->cgi;
my $template = Bugzilla->template; my $template = Bugzilla->template;
$vars->{'classifications'} = [Bugzilla::Classification->get_all] $vars->{'classifications'} = [Bugzilla::Classification->get_all]
...@@ -38,7 +37,6 @@ sub LoadTemplate { ...@@ -38,7 +37,6 @@ sub LoadTemplate {
$action =~ /(\w+)/; $action =~ /(\w+)/;
$action = $1; $action = $1;
print $cgi->header();
$template->process("admin/classifications/$action.html.tmpl", $vars) $template->process("admin/classifications/$action.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
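Review bot: The untaint step kept as context in LoadTemplate, `$action =~ /(\w+)/; $action = $1;`, never checks that the match succeeded, so a value with no word characters leaves `$1` holding whatever an earlier successful match captured, and that string is then interpolated into the template path. Assigning from the match in list context, `($action) = $action =~ /(\w+)/;`, and failing explicitly when `$action` comes back undefined would close that gap. Whether any caller passes request-derived input cannot be seen here, because the callers and the rest of LoadTemplate lie outside these hunks.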
......
...@@ -135,8 +135,7 @@ sub get_current_and_available { ...@@ -135,8 +135,7 @@ sub get_current_and_available {
unless ($action) { unless ($action) {
my @groups = Bugzilla::Group->get_all; my @groups = Bugzilla::Group->get_all;
$vars->{'groups'} = \@groups; $vars->{'groups'} = \@groups;
print $cgi->header();
$template->process("admin/groups/list.html.tmpl", $vars) $template->process("admin/groups/list.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
...@@ -155,12 +154,10 @@ if ($action eq 'changeform') { ...@@ -155,12 +154,10 @@ if ($action eq 'changeform') {
get_current_and_available($group, $vars); get_current_and_available($group, $vars);
$vars->{'group'} = $group; $vars->{'group'} = $group;
$vars->{'token'} = issue_session_token('edit_group'); $vars->{'token'} = issue_session_token('edit_group');
print $cgi->header();
$template->process("admin/groups/edit.html.tmpl", $vars) $template->process("admin/groups/edit.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
} }
...@@ -172,10 +169,9 @@ if ($action eq 'changeform') { ...@@ -172,10 +169,9 @@ if ($action eq 'changeform') {
if ($action eq 'add') { if ($action eq 'add') {
$vars->{'token'} = issue_session_token('add_group'); $vars->{'token'} = issue_session_token('add_group');
print $cgi->header();
$template->process("admin/groups/create.html.tmpl", $vars) $template->process("admin/groups/create.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
} }
...@@ -204,7 +200,6 @@ if ($action eq 'new') { ...@@ -204,7 +200,6 @@ if ($action eq 'new') {
get_current_and_available($group, $vars); get_current_and_available($group, $vars);
$vars->{'token'} = issue_session_token('edit_group'); $vars->{'token'} = issue_session_token('edit_group');
print $cgi->header();
$template->process("admin/groups/edit.html.tmpl", $vars) $template->process("admin/groups/edit.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
...@@ -228,10 +223,8 @@ if ($action eq 'del') { ...@@ -228,10 +223,8 @@ if ($action eq 'del') {
$vars->{'group'} = $group; $vars->{'group'} = $group;
$vars->{'token'} = issue_session_token('delete_group'); $vars->{'token'} = issue_session_token('delete_group');
print $cgi->header();
$template->process("admin/groups/delete.html.tmpl", $vars) $template->process("admin/groups/delete.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
} }
...@@ -255,7 +248,6 @@ if ($action eq 'delete') { ...@@ -255,7 +248,6 @@ if ($action eq 'delete') {
$vars->{'message'} = 'group_deleted'; $vars->{'message'} = 'group_deleted';
$vars->{'groups'} = [Bugzilla::Group->get_all]; $vars->{'groups'} = [Bugzilla::Group->get_all];
print $cgi->header();
$template->process("admin/groups/list.html.tmpl", $vars) $template->process("admin/groups/list.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
...@@ -277,7 +269,6 @@ if ($action eq 'postchanges') { ...@@ -277,7 +269,6 @@ if ($action eq 'postchanges') {
$vars->{'changes'} = $changes; $vars->{'changes'} = $changes;
$vars->{'token'} = issue_session_token('edit_group'); $vars->{'token'} = issue_session_token('edit_group');
print $cgi->header();
$template->process("admin/groups/edit.html.tmpl", $vars) $template->process("admin/groups/edit.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
...@@ -288,6 +279,7 @@ if ($action eq 'confirm_remove') { ...@@ -288,6 +279,7 @@ if ($action eq 'confirm_remove') {
$vars->{'group'} = $group; $vars->{'group'} = $group;
$vars->{'regexp'} = CheckGroupRegexp($cgi->param('regexp')); $vars->{'regexp'} = CheckGroupRegexp($cgi->param('regexp'));
$vars->{'token'} = issue_session_token('remove_group_members'); $vars->{'token'} = issue_session_token('remove_group_members');
$template->process('admin/groups/confirm-remove.html.tmpl', $vars) $template->process('admin/groups/confirm-remove.html.tmpl', $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
...@@ -326,10 +318,8 @@ if ($action eq 'remove_regexp') { ...@@ -326,10 +318,8 @@ if ($action eq 'remove_regexp') {
$vars->{'group'} = $group->name; $vars->{'group'} = $group->name;
$vars->{'groups'} = [Bugzilla::Group->get_all]; $vars->{'groups'} = [Bugzilla::Group->get_all];
print $cgi->header();
$template->process("admin/groups/list.html.tmpl", $vars) $template->process("admin/groups/list.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
} }
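Review bot: In the `confirm_remove` branch, `CheckGroupRegexp($cgi->param('regexp'))` calls `param` in list context, so a request carrying several `regexp` values passes several arguments to the function instead of one. `CheckGroupRegexp(scalar $cgi->param('regexp'))` pins it to a single value. The line is unchanged context in this commit and the signature of CheckGroupRegexp is not visible, so the practical effect may be nil, but forcing scalar context is the safer habit for request parameters.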
......
...@@ -24,10 +24,6 @@ my $dbh = Bugzilla->dbh; ...@@ -24,10 +24,6 @@ my $dbh = Bugzilla->dbh;
my $template = Bugzilla->template; my $template = Bugzilla->template;
my $vars = {}; my $vars = {};
#
# Preliminary checks:
#
my $user = Bugzilla->login(LOGIN_REQUIRED); my $user = Bugzilla->login(LOGIN_REQUIRED);
print $cgi->header(); print $cgi->header();
...@@ -47,22 +43,16 @@ $vars->{'action'} = $action; ...@@ -47,22 +43,16 @@ $vars->{'action'} = $action;
if ($action eq "") { if ($action eq "") {
$vars->{'keywords'} = Bugzilla::Keyword->get_all_with_bug_count(); $vars->{'keywords'} = Bugzilla::Keyword->get_all_with_bug_count();
print $cgi->header();
$template->process("admin/keywords/list.html.tmpl", $vars) $template->process("admin/keywords/list.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
} }
if ($action eq 'add') { if ($action eq 'add') {
$vars->{'token'} = issue_session_token('add_keyword'); $vars->{'token'} = issue_session_token('add_keyword');
print $cgi->header();
$template->process("admin/keywords/create.html.tmpl", $vars) $template->process("admin/keywords/create.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
} }
...@@ -79,8 +69,6 @@ if ($action eq 'new') { ...@@ -79,8 +69,6 @@ if ($action eq 'new') {
delete_token($token); delete_token($token);
print $cgi->header();
$vars->{'message'} = 'keyword_created'; $vars->{'message'} = 'keyword_created';
$vars->{'name'} = $keyword->name; $vars->{'name'} = $keyword->name;
$vars->{'keywords'} = Bugzilla::Keyword->get_all_with_bug_count(); $vars->{'keywords'} = Bugzilla::Keyword->get_all_with_bug_count();
...@@ -104,7 +92,6 @@ if ($action eq 'edit') { ...@@ -104,7 +92,6 @@ if ($action eq 'edit') {
$vars->{'keyword'} = $keyword; $vars->{'keyword'} = $keyword;
$vars->{'token'} = issue_session_token('edit_keyword'); $vars->{'token'} = issue_session_token('edit_keyword');
print $cgi->header();
$template->process("admin/keywords/edit.html.tmpl", $vars) $template->process("admin/keywords/edit.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
...@@ -128,8 +115,6 @@ if ($action eq 'update') { ...@@ -128,8 +115,6 @@ if ($action eq 'update') {
delete_token($token); delete_token($token);
print $cgi->header();
$vars->{'message'} = 'keyword_updated'; $vars->{'message'} = 'keyword_updated';
$vars->{'keyword'} = $keyword; $vars->{'keyword'} = $keyword;
$vars->{'changes'} = $changes; $vars->{'changes'} = $changes;
...@@ -147,7 +132,6 @@ if ($action eq 'del') { ...@@ -147,7 +132,6 @@ if ($action eq 'del') {
$vars->{'keyword'} = $keyword; $vars->{'keyword'} = $keyword;
$vars->{'token'} = issue_session_token('delete_keyword'); $vars->{'token'} = issue_session_token('delete_keyword');
print $cgi->header();
$template->process("admin/keywords/confirm-delete.html.tmpl", $vars) $template->process("admin/keywords/confirm-delete.html.tmpl", $vars)
|| ThrowTemplateError($template->error()); || ThrowTemplateError($template->error());
exit; exit;
...@@ -162,8 +146,6 @@ if ($action eq 'delete') { ...@@ -162,8 +146,6 @@ if ($action eq 'delete') {
delete_token($token); delete_token($token);
print $cgi->header();
$vars->{'message'} = 'keyword_deleted'; $vars->{'message'} = 'keyword_deleted';
$vars->{'keyword'} = $keyword; $vars->{'keyword'} = $keyword;
$vars->{'keywords'} = Bugzilla::Keyword->get_all_with_bug_count(); $vars->{'keywords'} = Bugzilla::Keyword->get_all_with_bug_count();
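Review bot: The `print $cgi->header();` that remains right after `Bugzilla->login(LOGIN_REQUIRED)` is now the only header emission for every action branch in this script, and nothing at that line says so. A comment there, for example `# Sole header emission for this script; action branches must not print it again.`, would keep a later edit from reintroducing the duplicate. Because the header goes out before any token is validated or any action runs, a later branch that needs a redirect or an extra response header presumably can no longer send one; that is worth confirming. The same precondition applies to the two preceding admin scripts, where the place the header is sent is outside the visible hunks.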
......