951f3346a2
To Test
1/ Craft a url like /cgi-bin/koha/catalogue/search.pl?q=smith&sort_by='"><script>prompt('Happy_Holidays')</script>
It is important it must return results and facets
2/ Notice the js is executed
3/ Apply the patch test again
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
No prompts, no functional regressions found.
Checked selecting and undoing facets, show more links and paging.
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
7 lines
1 KiB
HTML
7 lines
1 KiB
HTML
[% IF ( PAGE_NUMBERS ) %]<div class="pages">
|
|
<!-- Row of numbers corresponding to search result pages -->
|
|
[% IF ( previous_page_offset.defined ) %]<a class="nav" href="/cgi-bin/koha/catalogue/search.pl?[% query_cgi |html %][% limit_cgi |html %]&offset=[% previous_page_offset %][% IF ( sort_by ) %]&sort_by=[% sort_by |url %][% END %]"><< Previous</a>[% END %]
|
|
[% FOREACH PAGE_NUMBER IN PAGE_NUMBERS %][% IF ( PAGE_NUMBER.highlight ) %]<span class="current">[% PAGE_NUMBER.pg %]</span>[% ELSE %] <a class="nav" href="/cgi-bin/koha/catalogue/search.pl?[% query_cgi |html %][% limit_cgi |html %]&offset=[% PAGE_NUMBER.offset %][% IF ( sort_by ) %]&sort_by=[% sort_by |url %][% END %]">[% PAGE_NUMBER.pg %]</a>[% END %]
|
|
[% END %]
|
|
[% IF ( next_page_offset ) %]<a class="nav" href="/cgi-bin/koha/catalogue/search.pl?[% query_cgi |html %][% limit_cgi |html %]&offset=[% next_page_offset %][% IF ( sort_by ) %]&sort_by=[% sort_by |url %][% END %]">Next >></a>[% END %]
|
|
</div>[% END %]
|