git.koha-community.org Git - koha.git/commit

author	Katrin Fischer <katrin.fischer.83@web.de>
	Wed, 16 Aug 2017 12:34:17 +0000 (14:34 +0200)
committer	Mason James <mtj@kohaaloha.com>
	Wed, 20 Sep 2017 03:14:43 +0000 (15:14 +1200)
commit	ffedb03412b100d296f64a3f7e4eeecde3f5680d
tree	9a6795c00e5f3e16a11b0f121a1ba3fe660aa4a6	tree \| snapshot
parent	ceb5b6cc82fb32dbb9899ad500fe2cc7a6c6008b	commit \| diff

Bug 19128 - XSS - patron-attr-types.tt, authorised_values.tt and categories.tt

Preparation:
- Add a branch with script in the branch name
- Add a patron category with script in the category name
- Add a new authorised value cateogory with script
- Add a new authroised value for this category with script
in all possible fields

- Test editing patron categories
- Test editing patron attribute types
- Test viewing and editing authorised values

Verify that with this script there is no more script executed
and everything works fine.

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mason James <mtj@kohaaloha.com>

koha-tmpl/intranet-tmpl/prog/en/modules/admin/authorised_values.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/categories.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/patron-attr-types.tt		diff \| blob \| history