]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a636fb2) | patch
Bug 7316 - Missing escaping in search results
authorFrère Sébastien Marie <semarie-koha@latrappe.fr>
Sun, 4 Dec 2011 17:14:09 +0000 (18:14 +0100)
committerChris Nighswonger <chris.nighswonger@gmail.com>
Fri, 9 Dec 2011 15:28:47 +0000 (10:28 -0500)
commitfb1d1cdea1b8863b70532670944582b2c57b0cc0
tree433a163259464b5e79596f0763727214cec3ed7ctree | snapshot
parenta636fb2e0d15610b30568ae0aa8742b4746a6c86commit | diff
Bug 7316 - Missing escaping in search results

Two parameters are now escaped in title (html element):
 - query_desc
 - limit_desc

This is a security correction against XSS.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
(cherry picked from commit 48173560ba583da4fe6d3f2ba2f071573b4b927e)

Signed-off-by: Chris Nighswonger <chris.nighswonger@gmail.com>
koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/results.tt diff | blob | history
koha-tmpl/opac-tmpl/prog/en/modules/opac-results-grouped.tt diff | blob | history
koha-tmpl/opac-tmpl/prog/en/modules/opac-results.tt diff | blob | history
Main Koha release repository