]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d9d9cdb) | patch
Bug 7316 - Missing escaping in search results
authorFrère Sébastien Marie <semarie-koha@latrappe.fr>
Sun, 4 Dec 2011 17:14:09 +0000 (18:14 +0100)
committerChris Nighswonger <chris.nighswonger@gmail.com>
Fri, 9 Dec 2011 15:10:39 +0000 (10:10 -0500)
commita94573f58dba2a830502105323a53ae1359bcef7
tree106b541c0b1045199397060d93f7fe91667c86b3tree | snapshot
parentd9d9cdbad0c407c3a2acf2c2ba6a7c015465f88acommit | diff
Bug 7316 - Missing escaping in search results

Two parameters are now escaped in title (html element):
 - query_desc
 - limit_desc

This is a security correction against XSS.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
(cherry picked from commit 48173560ba583da4fe6d3f2ba2f071573b4b927e)

Signed-off-by: Chris Nighswonger <chris.nighswonger@gmail.com>
koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/results.tt diff | blob | history
koha-tmpl/opac-tmpl/prog/en/modules/opac-results-grouped.tt diff | blob | history
koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt diff | blob | history
Main Koha release repository