]> git.koha-community.org Git - koha.git/commit
Bug 19128 - XSS - patron-attr-types.tt, authorised_values.tt and categories.tt
authorKatrin Fischer <katrin.fischer.83@web.de>
Wed, 16 Aug 2017 12:34:17 +0000 (14:34 +0200)
committerKatrin Fischer <katrin.fischer.83@web.de>
Tue, 19 Sep 2017 21:04:00 +0000 (23:04 +0200)
commitcf373de7a8e811032b1d6a9ebac1652bed87a59e
treece19961d4f920965055c82f5c973f949193ed29f
parent5e405e8d5da74bfe5ffb6be40a7dbd9937017670
Bug 19128 - XSS - patron-attr-types.tt, authorised_values.tt and categories.tt

Preparation:
- Add a branch with script in the branch name
- Add a patron category with script in the category name
- Add a new authorised value cateogory with script
- Add a new authroised value for this category with script
  in all possible fields

- Test editing patron categories
- Test editing patron attribute types
- Test viewing and editing authorised values

Verify that with this script there is no more script executed
and everything works fine.

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 6b7ad77fffd7a6c4b69bce5bf666c6ff4be76c5b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 8b85e835541e650cfa4c867bcd65fc5d03334613)
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
koha-tmpl/intranet-tmpl/prog/en/modules/admin/authorised_values.tt
koha-tmpl/intranet-tmpl/prog/en/modules/admin/categories.tt
koha-tmpl/intranet-tmpl/prog/en/modules/admin/patron-attr-types.tt