From a7e7ed0f3a1d29800187a216b0363e0276d2f4ec Mon Sep 17 00:00:00 2001 From: "dkl%redhat.com" <> Date: Thu, 10 Jul 2008 09:56:11 +0000 Subject: =?UTF-8?q?Bug=20428659=20=C3=A2=C2=80=C2=93=20Setting=20SSL=20par?= =?UTF-8?q?am=20to=20'authenticated=20sessions'=20only=20protects=20logins?= =?UTF-8?q?=20and=20param=20doesn't=20protect=20WebService=20calls=20at=20?= =?UTF-8?q?all=20Patch=20by=20Dave=20Lawrence=20=20-=20r/a?= =?UTF-8?q?=3Dmkanat?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- token.cgi | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'token.cgi') diff --git a/token.cgi b/token.cgi index c91c2f94f..71996bec0 100755 --- a/token.cgi +++ b/token.cgi @@ -347,11 +347,9 @@ sub request_create_account { $vars->{'date'} = str2time($date); # We require a HTTPS connection if possible. - if (Bugzilla->params->{'sslbase'} ne '' - && Bugzilla->params->{'ssl'} ne 'never') - { - $cgi->require_https(Bugzilla->params->{'sslbase'}); - } + Bugzilla->cgi->require_https(Bugzilla->params->{'sslbase'}) + if ssl_require_redirect(); + print $cgi->header(); $template->process('account/email/confirm-new.html.tmpl', $vars) -- cgit v1.2.1