diff options
| author | ivan <ivan> | 2011-07-15 20:28:17 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2011-07-15 20:28:17 +0000 |
| commit | f07090d1447b1ac9b9796b4a19a37b76f57fa035 (patch) | |
| tree | 5a62e7addf7949a58d58ebdb72b992ce6519083d | |
| parent | d04a3f3b11ab9e1d32ffb328bf994e8f21fc51a1 (diff) | |
fix 403 errors pulling up RTx-Statistics charts, RT#13546
| -rw-r--r-- | rt/FREESIDE_MODIFIED | 1 | ||||
| -rw-r--r-- | rt/lib/RT/Interface/Web.pm | 7 |
2 files changed, 6 insertions, 2 deletions
diff --git a/rt/FREESIDE_MODIFIED b/rt/FREESIDE_MODIFIED index eff94b005..bb850d9b1 100644 --- a/rt/FREESIDE_MODIFIED +++ b/rt/FREESIDE_MODIFIED @@ -16,6 +16,7 @@ lib/RT/CustomField_Vendor.pm #mandatory fields lib/RT/Interface/Web.pm #customfield date patch #fix transaction custom fields #fix Web.pm Overlay/Vendor/Local inclusion + #fix MaybeRejectPrivateComponentRequest for RTx::Statistics lib/RT/Action.pm #create ticket on custom field change lib/RT/Condition.pm #create ticket on custom field change lib/RT/Scrip_Overlay.pm #create ticket on custom field change diff --git a/rt/lib/RT/Interface/Web.pm b/rt/lib/RT/Interface/Web.pm index 822a9b5fa..e19345929 100644 --- a/rt/lib/RT/Interface/Web.pm +++ b/rt/lib/RT/Interface/Web.pm @@ -438,7 +438,11 @@ sub MaybeRejectPrivateComponentRequest { autohandler | # requesting this directly is suspicious l ) # loc component ( $ | / ) # trailing slash or end of path - }xi) { + }xi + && $path !~ m{ /RTx/Statistics/\w+/Elements/Chart }xi + ) + { + warn "rejecting private component $path\n"; $m->abort(403); } @@ -2300,7 +2304,6 @@ sub _parse_saved_search { return ( _load_container_object( $obj_type, $obj_id ), $search_id ); } -package RT::Interface::Web; RT::Base->_ImportOverlays(); 1; |