Bug 35072: Fix invalid usage of "&" in JavaScript intranet-tmpl script redirects
These escapes were invalid in these places, as HTML entity escapes are meant to be used only inside of HTML elements/attributes, not inside of JavaScript code. These URLs would be sent out by the browser as-is, and that'd usually work on the default install only coincidentally. Unfortunately, on some setups (such as when using reverse proxies), this would break, and the URL after "&" would have been truncated. This small patch adjusts the URLs in templates to not use wrong escapes, and makes them consistent with how URLs are formatted for JavaScript redirects in most of the templates already. Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This commit is contained in:
parent
a5fc346403
commit
da9f74e56a
5 changed files with 8 additions and 8 deletions
|
@ -54,7 +54,7 @@ function batchModify(){
|
|||
var bib = $(this).val();
|
||||
bibs += bib + "/";
|
||||
});
|
||||
newloc = "/cgi-bin/koha/tools/batch_record_modification.pl?op=list&bib_list=" + bibs + "&type=biblio";
|
||||
newloc = "/cgi-bin/koha/tools/batch_record_modification.pl?op=list&bib_list=" + bibs + "&type=biblio";
|
||||
|
||||
window.opener.location = newloc;
|
||||
window.close();
|
||||
|
|
|
@ -52,7 +52,7 @@ function confirm_deletion(link) {
|
|||
}
|
||||
if (is_confirmed) {
|
||||
$("#deletebiblio").unbind('click');
|
||||
window.location="/cgi-bin/koha/cataloguing/addbiblio.pl?op=delete&biblionumber=" + biblionumber + (searchid ? "&searchid="+searchid : "");
|
||||
window.location="/cgi-bin/koha/cataloguing/addbiblio.pl?op=delete&biblionumber=" + biblionumber + (searchid ? "&searchid="+searchid : "");
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
@ -67,7 +67,7 @@ function confirm_items_deletion() {
|
|||
alert(__("%s hold(s) on this record. You must delete all holds before deleting all items.").format(holdcount));
|
||||
} else if ( count > 0 ) {
|
||||
if (confirm(__("Are you sure you want to delete the %s attached items?").format(count))) {
|
||||
window.location="/cgi-bin/koha/cataloguing/additem.pl?op=delallitems&biblionumber=" + biblionumber + (searchid ? "&searchid="+searchid : "");
|
||||
window.location="/cgi-bin/koha/cataloguing/additem.pl?op=delallitems&biblionumber=" + biblionumber + (searchid ? "&searchid="+searchid : "");
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
|
|
|
@ -450,7 +450,7 @@ $(document).ready(function() {
|
|||
let reserve_id = $(this).data('reserve-id');
|
||||
let biblionumber = $(this).data('biblionumber');
|
||||
let suspend_until = $('#suspend_until_' + reserve_id).val();
|
||||
window.location.href='request.pl?action=toggleSuspend&reserve_id=' + reserve_id + '&biblionumber=' + biblionumber + '&suspend_until=' + suspend_until;
|
||||
window.location.href='request.pl?action=toggleSuspend&reserve_id=' + reserve_id + '&biblionumber=' + biblionumber + '&suspend_until=' + suspend_until;
|
||||
return false;
|
||||
});
|
||||
});
|
||||
|
|
|
@ -145,16 +145,16 @@ function update_child() {
|
|||
function confirm_reregistration() {
|
||||
var is_confirmed = window.confirm( __("Are you sure you want to renew this patron's registration?") );
|
||||
if (is_confirmed) {
|
||||
window.location = '/cgi-bin/koha/members/setstatus.pl?borrowernumber=' + borrowernumber + '&destination=' + destination + '&reregistration=y';
|
||||
window.location = '/cgi-bin/koha/members/setstatus.pl?borrowernumber=' + borrowernumber + '&destination=' + destination + '&reregistration=y';
|
||||
}
|
||||
}
|
||||
function export_barcodes() {
|
||||
window.open('/cgi-bin/koha/members/readingrec.pl?borrowernumber=' + borrowernumber + '&op=export_barcodes');
|
||||
window.open('/cgi-bin/koha/members/readingrec.pl?borrowernumber=' + borrowernumber + '&op=export_barcodes');
|
||||
}
|
||||
var slip_re = /slip/;
|
||||
function printx_window(print_type) {
|
||||
var handler = print_type.match(slip_re) ? "printslip" : "summary-print";
|
||||
window.open("/cgi-bin/koha/members/" + handler + ".pl?borrowernumber=" + borrowernumber + "&print=" + print_type, "printwindow");
|
||||
window.open("/cgi-bin/koha/members/" + handler + ".pl?borrowernumber=" + borrowernumber + "&print=" + print_type, "printwindow");
|
||||
return false;
|
||||
}
|
||||
function searchToHold(){
|
||||
|
|
|
@ -434,7 +434,7 @@ function resultsBatchProcess( op ){
|
|||
selected.each(function() {
|
||||
params.push( $(this).val() );
|
||||
});
|
||||
url = "/cgi-bin/koha/tools/batch_record_modification.pl?op=list&bib_list=" + params.join("/");
|
||||
url = "/cgi-bin/koha/tools/batch_record_modification.pl?op=list&bib_list=" + params.join("/");
|
||||
location.href = url;
|
||||
}
|
||||
} else if( op == "delete" ){
|
||||
|
|
Loading…
Reference in a new issue