From: Frédéric Buclin Date: Mon, 14 Feb 2011 21:55:29 +0000 (+0100) Subject: Bug 480044: Use dashes instead of colons to separate bug IDs in the BUGLIST cookie... X-Git-Tag: bugzilla-4.0~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=56a1e306a6e32f36d7e296921dee5c506684d317;p=thirdparty%2Fbugzilla.git Bug 480044: Use dashes instead of colons to separate bug IDs in the BUGLIST cookie, because colons are HTML-escaped, making the cookie bigger than the 4k limit r=mkanat a=LpSolit --- diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index 30c4e62931..f81ed2b2f2 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -423,7 +423,8 @@ sub recent_search_for { # and the selected bug is in the list, then return the cookie as a fake # Search::Recent object. if (my $list = $cgi->cookie('BUGLIST')) { - my @bug_ids = split(':', $list); + # Also split on colons, which was used as a separator in old cookies. + my @bug_ids = split(/[:-]/, $list); if (grep { $_ == $bug->id } @bug_ids) { my $search = Bugzilla::Search::Recent->new_from_cookie(\@bug_ids); return $search; @@ -494,7 +495,7 @@ sub save_last_search { # they may still want to navigate through the search they made while # logged out. else { - my $bug_list = join(":", @$bug_ids); + my $bug_list = join('-', @$bug_ids); if (length($bug_list) < 4000) { $cgi->send_cookie(-name => 'BUGLIST', -value => $bug_list, diff --git a/buglist.cgi b/buglist.cgi index 788f28c956..ba80bb0359 100755 --- a/buglist.cgi +++ b/buglist.cgi @@ -184,7 +184,7 @@ if (my $last_list = $cgi->param('regetlastlist')) { $cgi->cookie('BUGLIST') || ThrowUserError("missing_cookie"); $order = "reuse last sort" unless $order; $bug_ids = $cgi->cookie('BUGLIST'); - $bug_ids =~ s/:/,/g; + $bug_ids =~ s/[:-]/,/g; } # But logged in users store the last X searches in the DB so they can # have multiple bug lists available.