From b68487d1cf6db94c345bbfb180697e6c19f60e09 Mon Sep 17 00:00:00 2001 From: "mkanat%bugzilla.org" Date: Wed, 3 Mar 2010 22:01:31 +0000 Subject: [PATCH] Bug 513989 - large search query causing internal server error (500) but valid redirect 302 returned r=mkanat,a=mkanat git-svn-id: svn://10.0.0.236/branches/BUGZILLA-3_6-BRANCH@259872 18797224-902f-48f8-a5cc-f745e15eee43 --- mozilla/webtools/bugzilla/.bzrrev | 2 +- mozilla/webtools/bugzilla/Bugzilla/Constants.pm | 7 +++++++ mozilla/webtools/bugzilla/buglist.cgi | 8 +++++--- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/mozilla/webtools/bugzilla/.bzrrev b/mozilla/webtools/bugzilla/.bzrrev index f8da955826e..96131690dc8 100644 --- a/mozilla/webtools/bugzilla/.bzrrev +++ b/mozilla/webtools/bugzilla/.bzrrev @@ -1 +1 @@ -7009 \ No newline at end of file +7010 \ No newline at end of file diff --git a/mozilla/webtools/bugzilla/Bugzilla/Constants.pm b/mozilla/webtools/bugzilla/Bugzilla/Constants.pm index 20926fab05f..18772878a6f 100644 --- a/mozilla/webtools/bugzilla/Bugzilla/Constants.pm +++ b/mozilla/webtools/bugzilla/Bugzilla/Constants.pm @@ -171,6 +171,8 @@ use File::Basename; PASSWORD_DIGEST_ALGORITHM PASSWORD_SALT_LENGTH + + CGI_URI_LIMIT ); @Bugzilla::Constants::EXPORT_OK = qw(contenttypes); @@ -495,6 +497,11 @@ use constant PASSWORD_DIGEST_ALGORITHM => 'SHA-256'; # of your users will be able to log in until they reset their passwords. use constant PASSWORD_SALT_LENGTH => 8; +# Certain scripts redirect to GET even if the form was submitted originally +# via POST such as buglist.cgi. This value determines whether the redirect +# can be safely done or not based on the web server's URI length setting. +use constant CGI_URI_LIMIT => 10000; + sub bz_locations { # We know that Bugzilla/Constants.pm must be in %INC at this point. # So the only question is, what's the name of the directory diff --git a/mozilla/webtools/bugzilla/buglist.cgi b/mozilla/webtools/bugzilla/buglist.cgi index afe37dfdbc8..d9b19dc0079 100755 --- a/mozilla/webtools/bugzilla/buglist.cgi +++ b/mozilla/webtools/bugzilla/buglist.cgi @@ -85,9 +85,11 @@ if (grep { $_ =~ /^cmd\-/ } $cgi->param()) { # if ($cgi->request_method() eq 'POST') { $cgi->clean_search_url(); - - print $cgi->redirect(-url => $cgi->self_url()); - exit; + my $uri_length = length($cgi->self_url()); + if ($uri_length < CGI_URI_LIMIT) { + print $cgi->redirect(-url => $cgi->self_url()); + exit; + } } # Determine whether this is a quicksearch query.