Koha/opac
David Cook 37ced7df05
Bug 31699: (follow-up) Protect more against open redirects
This change checks that the OPACBaseURL exists, and uses its scheme
and authority to rewrite the URL passed through the "return"
param.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-02-09 10:21:31 -03:00
clubs Bug 29844: Fix ->search occurrences 2022-02-09 15:36:23 -10:00
errors Bug 29420: HTTP status code incorrect when calling error pages directly under Plack/PSGI 2022-04-20 09:03:39 -10:00
external/overdrive
sci
sco Bug 19188: Use the Price template plugin with_symbol => 1 2023-01-31 10:49:33 -03:00
svc Bug 30426: Add missing C4::Auth and C4::Output imports 2022-04-13 15:55:38 +02:00
ilsdi.pl Bug 30944: Undo change to ILS-DI documentation 2022-10-03 13:44:11 -03:00
maintenance.pl
oai.pl
opac-account-pay-return.pl
opac-account-pay.pl
opac-account.pl Bug 29844: Fix ->search occurrences 2022-02-09 15:36:23 -10:00
opac-addbybiblionumber.pl Bug 26346: Add option to make public lists editable by all staff 2022-04-12 17:13:02 +02:00
opac-alert-subscribe.pl
opac-article-request-cancel.pl
opac-authorities-home.pl Bug 30036: Allow XSLT for authority results view in OPAC 2022-10-27 09:54:35 -03:00
opac-authoritiesdetail.pl Bug 29897: Display author's identifiers 2022-08-09 10:58:44 -03:00
opac-basket.pl Bug 16522: (follow-up) MARC display templates and get_marc_host fixes 2023-01-30 12:10:11 -03:00
opac-blocked.pl
opac-browse.pl
opac-browser.pl
opac-changelanguage.pl
opac-course-details.pl Bug 32445: (follow-up) Fix availability display on opac-course-details 2023-01-05 09:09:48 -03:00
opac-course-reserves.pl
opac-curbside-pickups.pl Bug 30650: Prevent pickup to be created on holiday 2022-07-29 15:00:51 -03:00
opac-detail.pl Bug 32712: (QA follow-up) Use Koha.Preference 2023-01-31 09:34:13 -03:00
opac-discharge.pl
opac-downloadcart.pl Bug 29697: Use flag embed_items 2022-07-22 15:24:11 -03:00
opac-downloadshelf.pl Bug 29697: Use flag embed_items 2022-07-22 15:24:11 -03:00
opac-export.pl Bug 29697: Use flag embed_items 2022-07-22 15:24:11 -03:00
opac-holdshistory.pl
opac-ics.pl Bug 30927: Improve formatting or iCal files for checkout due dates 2022-08-09 07:39:17 -03:00
opac-idref.pl
opac-illrequests.pl
opac-image.pl
opac-imageviewer.pl
opac-ISBDdetail.pl Bug 30678: (follow-up) Change call in opac scripts 2022-07-22 14:58:12 -03:00
opac-issue-note.pl Bug 29544: (QA follow-up) Simplify code 2022-02-02 21:05:29 -10:00
opac-library.pl Bug 31775: Show single library 2022-10-17 08:25:55 -03:00
opac-main.pl Bug 28955: Impact News as well 2022-02-24 14:35:36 -10:00
opac-MARCdetail.pl Bug 29697: Use flag embed_items 2022-07-22 15:24:11 -03:00
opac-memberentry.pl Bug 31219: Prevent JS injection in patron extended attributes 2022-10-24 14:40:41 -03:00
opac-messaging.pl Bug 31743: Change condition for messaging tab 2022-11-04 20:01:13 -03:00
opac-modrequest-suspend.pl
opac-modrequest.pl Bug 14783: (QA follow-up) Rename method and move tests 2022-10-17 15:43:22 -03:00
opac-mymessages.pl
opac-news-rss.pl
opac-overdrive-search.pl Bug 29318: Tidy the code 2021-10-26 16:46:03 +02:00
opac-page.pl Bug 32251: Add a fallback for when language cookie was removed 2023-01-27 16:20:24 -03:00
opac-passwd.pl
opac-password-recovery.pl Bug 31739: Password recovery from staff fails if previous expired reset-entry exists. 2022-10-24 14:12:16 -03:00
opac-patron-consent.pl
opac-patron-image.pl Bug 29931: (follow-up) Similar thing in opac-patron-image.pl 2022-03-15 22:30:50 -10:00
opac-privacy.pl Bug 29843: Use in opac/opac-privacy.pl 2022-02-10 14:44:23 -10:00
opac-ratings.pl
opac-readingrecord.pl Bug 28768: (QA follow-up) Remove unused variable 2021-11-05 12:17:08 +01:00
opac-recall.pl Bug 30291: Changes to OPAC files 2022-05-05 11:17:36 -10:00
opac-recalls.pl Bug 30291: Changes to OPAC files 2022-05-05 11:17:36 -10:00
opac-recordedbooks-search.pl
opac-registration-verify.pl Bug 23538: Email library when new patron self-registers 2022-09-23 09:37:54 -03:00
opac-renew.pl
opac-reportproblem.pl
opac-request-article.pl Bug 27946: Add UI handling of AR fees 2022-01-28 11:09:07 -10:00
opac-reserve.pl Bug 24860: Add ability to select an item group when placing a hold - OPAC 2022-11-04 19:39:56 -03:00
opac-reset-password.pl Bug 29925: Add a password reset page for expired passwords 2022-05-06 10:33:09 -10:00
opac-restrictedpage.pl
opac-retrieve-file.pl
opac-review.pl
opac-routing-lists.pl
opac-search-history.pl Bug 30377: Fix two CGI::param called in list context-warnings 2022-04-04 16:23:46 +02:00
opac-search.pl Bug 31517: Remove unused get_tag function 2022-11-04 19:30:56 -03:00
opac-sendbasket.pl Bug 16522: (follow-up) MARC display templates and get_marc_host fixes 2023-01-30 12:10:11 -03:00
opac-sendshelf.pl Bug 16522: (follow-up) MARC display templates and get_marc_host fixes 2023-01-30 12:10:11 -03:00
opac-serial-issues.pl
opac-shareshelf.pl Bug 28959: Fix other cases 2021-10-28 17:47:38 +02:00
opac-shelves.pl Bug 32434: Show "Lists" line on lists results 2023-01-30 15:09:03 -03:00
opac-showmarc.pl
opac-showreviews.pl Bug 29697: Replace GetMarcBiblio occurrences with $biblio->metadata->record 2022-07-22 15:24:11 -03:00
opac-suggestions.pl Bug 31333: (follow-up) Handle anonymous patrons making suggestions 2022-10-04 08:44:26 -03:00
opac-tags.pl Bug 28375: (follow-up) Use C4::Context->interface 2022-10-20 11:50:53 -03:00
opac-tags_subject.pl
opac-topissues.pl Bug 17018: Split AdvancedSearchTypes for staff and OPAC 2022-04-12 17:13:02 +02:00
opac-user.pl Bug 31699: (follow-up) Protect more against open redirects 2023-02-09 10:21:31 -03:00
tracklinks.pl Bug 30262: Trim whitespace off tracklinks.pl URLs 2022-08-31 08:46:11 -03:00
unapi Bug 17600: Fix opac/unapi 2021-11-22 11:04:51 +01:00