Koha/svc
David Cook ff7d9c255a
Bug 37464: Validate "type" sent to barcode/svc

This change validates the "type" sent to the barcode/svc. Without this
change, we pass the user input directly to GD::Barcode, which passes
the input into an eval{} block without any validation of its own.

Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=bad&barcode=123456
3. Note that a Code39 barcode is provided for an invalid type
4. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=Code39&barcode=123456
5. Note that a Code39 barcode is provided
6. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=UPCE&barcode=123456
7. Note that a non-Code39 barcode is provided (presumably UPCE)

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2024-08-13 11:05:31 -03:00
cataloguing Bug 31682: Silence automatic linker warn 2022-10-11 10:41:23 -03:00
club Bug 35942: OPAC user can enroll several times to the same club [23.05.x] 2024-02-22 14:35:01 +00:00
config Bug 34369: Require CSRF token for updating system preferences 2023-09-26 21:29:27 -10:00
letters Bug 17600: Fix imports for svc/letters/preview 2021-10-21 09:56:29 +02:00
mana Bug 28785: Adjust check_cookie_auth calls 2021-10-18 11:28:41 +02:00
members Bug 30063: Remove svc/members/search 2022-04-04 09:47:01 +02:00
records Bug 32631: Error when previewing record during batch record modification 2023-01-27 16:16:43 -03:00
virtualshelves Bug 34913: Adjust C4::Utils::DataTables::VirtualShelves 2024-03-19 19:19:13 +00:00
article_request Bug 28785: Adjust check_cookie_auth calls 2021-10-18 11:28:41 +02:00
authentication
authorised_values Bug 28785: Adjust check_cookie_auth calls 2021-10-18 11:28:41 +02:00
barcode Bug 37464: Validate "type" sent to barcode/svc 2024-08-13 11:05:31 -03:00
bib Bug 35181: Don't pass undef to header 2023-11-09 21:10:13 -10:00
bib_framework Bug 28750: fix svc/bib_framework 2021-07-26 16:28:52 +02:00
bib_profile
checkin Bug 28785: Adjust check_cookie_auth calls 2021-10-18 11:28:41 +02:00
checkout_notes Bug 28785: Adjust check_cookie_auth calls 2021-10-18 11:28:41 +02:00
checkouts Bug 33944: Don't fetch item object unless using recalls 2023-07-17 14:42:23 +01:00
convert_report Bug 34533: jsdiff library missing from guided reports page 2023-08-29 20:46:54 -10:00
cover_images Bug 29771: Remove trivial cases 2022-03-08 23:03:34 -10:00
creator_batches Bug 28785: Adjust check_cookie_auth calls 2021-10-18 11:28:41 +02:00
holds Bug 24860: Add hold's item group to holds table on circulation.pl and moremember.pl 2022-11-04 19:39:57 -03:00
import_bib Bug 15869: Change framework on overlay 2023-02-07 10:32:22 -03:00
localization
new_bib Bug 29697: Replace some missing occurrences 2022-07-25 09:30:30 -03:00
problem_reports Bug 28785: Adjust check_cookie_auth calls 2021-10-18 11:28:41 +02:00
recall Bug 30924: Add missing branchtransfers.reason value for recall cancellation 2022-06-13 10:30:51 -03:00
renew Bug 27249: Prevent infinite loop when searching for an open day 2023-10-24 20:27:34 -10:00
report Bug 26669: (QA follow-up) Update last run when report run by name 2022-04-04 16:23:46 +02:00
return_claims Bug 29931: (follow-up) Fix svc/checkouts and return_claims too 2022-03-15 22:30:50 -10:00
split_callnumbers