Koha/koha-tmpl/opac-tmpl at 9e920f7479df6d36db3e3450d6e6c2524fa9fe56 - Koha-community/Koha - Koha: The world's first free and open source library system

History

Aleisha 9e920f7479 Bug 14360: Unescaped variable causes alert Adding \|html to [% resultsperpage %] to escape the variable and get rid of the alert. To test: 1) Go to URL such as ... /cgi-bin/koha/opac-authorities-home.pl?op=do_search&resultsperpage=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E 2) Notice pop-up box with alert 3) Apply patch, refresh page 4) Notice alert is gone Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>	2015-06-11 10:04:40 -03:00
..
bootstrap	Bug 14360: Unescaped variable causes alert	2015-06-11 10:04:40 -03:00
lib	Bug 13612 - Remove old YUI javacript libraries from opac-tmpl	2015-02-24 11:16:39 -03:00

Aleisha 9e920f7479 Bug 14360: Unescaped variable causes alert

Adding |html to [% resultsperpage %] to escape the variable and get rid of the alert.

To test:

1) Go to URL such as ...  /cgi-bin/koha/opac-authorities-home.pl?op=do_search&resultsperpage=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
2) Notice pop-up box with alert
3) Apply patch, refresh page
4) Notice alert is gone

Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>

2015-06-11 10:04:40 -03:00

bootstrap

Bug 14360: Unescaped variable causes alert

2015-06-11 10:04:40 -03:00

lib

Bug 13612 - Remove old YUI javacript libraries from opac-tmpl

2015-02-24 11:16:39 -03:00