From 80de7080ef5f3694378c4a909b96ee62866d0b41 Mon Sep 17 00:00:00 2001 From: Nick Clemens Date: Wed, 5 Oct 2016 13:26:09 +0000 Subject: [PATCH] Bug 17392 - opac/svc/overdrive_proxy is not plack safe MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This patch simply replaces the ';' in the param passed to OverDrive with '&' To test: 1 - Enable overdrive (requires an account) 2 - Perform an opac search 3 - Note the number of overdrive results reported 4 - Click the link to view the actual overdrive results 5 - Note the result numbers don't match 6 - Apply patch 7 - Repeat 1-4 and note results numbers match and results are relevant 8 - Test a search with a ';' to ensure this patch isn't breaking searches Signed-off-by: Chris Cormack Signed-off-by: Katrin Fischer Verified by reading code - couldn't verify using Overdrive. Signed-off-by: Brendan Gallagher (cherry picked from commit f28460bdb7cbb6a1261d8c50af6b10ffacf54ef3) Signed-off-by: Frédéric Demians --- opac/svc/overdrive_proxy | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/opac/svc/overdrive_proxy b/opac/svc/overdrive_proxy index fdddbbb197..052a7b9d2a 100755 --- a/opac/svc/overdrive_proxy +++ b/opac/svc/overdrive_proxy @@ -60,8 +60,10 @@ if ( !IsOverDriveEnabled() || !( $token = GetOverDriveToken() ) ) { exit; } +my $fixed_query = $query->query_string; +$fixed_query =~ tr/;/&/; -my $request = HTTP::Request::Common::GET( "https://api.overdrive.com/v1" . $query->path_info . '?' . $query->query_string ); +my $request = HTTP::Request::Common::GET( "https://api.overdrive.com/v1" . $query->path_info . '?' . $fixed_query ); $request->header( Authorization => $token ); my $ua = LWP::UserAgent->new( "Koha " . Koha::version() ); -- 2.39.5