From e7883877a98dfcae3f75f1c1a562120d89aed22a Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 09 Feb 2012 08:33:16 -0500
Subject: [PATCH] Fixed session fixation vulnerability (issue 62)

---
 src/com/gitblit/RpcServlet.java |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/src/com/gitblit/RpcServlet.java b/src/com/gitblit/RpcServlet.java
index 115d553..2d51388 100644
--- a/src/com/gitblit/RpcServlet.java
+++ b/src/com/gitblit/RpcServlet.java
@@ -298,6 +298,9 @@
 				for (String key : keys) {
 					managementSettings.add(settings.get(key));
 				}
+				if (allowManagement) {
+					managementSettings.pushScripts = settings.pushScripts;
+				}
 				result = managementSettings;
 			}
 		} else if (RpcRequest.EDIT_SETTINGS.equals(reqType)) {

--
Gitblit v1.9.1