Commit 53612b7e authored by Jim Brandt's avatar Jim Brandt
Browse files

Add RTIR search result page to CSRF whitelist

parent 68a3e8af
......@@ -79,6 +79,16 @@ my $ticket_sql_parser = Parse::BooleanLogic->new;
# Add the RTIR search result page to the whitelist to allow
# bookmarks to work without CSRF warnings, similar to the RT
# search result page. As noted in the similar RT configuration,
# whitelisted search links can be used for denial-of-service against RT
# (construct a very inefficient query and trick lots of users into
# running them against RT). This is offset by the general usefulness of
# bookmarking search links.
$RT::Interface::Web::is_whitelisted_component{'/RTIR/Search/Results.html'} = 1;
=head2 OurQueue
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment