[Koha-bugs] [Bug 2847] Use HTML escape in templates where appropriate
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Nov 11 18:40:57 CET 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=2847
Owen Leonard <oleonard at myacpl.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #888 is|0 |1
obsolete| |
--- Comment #1 from Owen Leonard <oleonard at myacpl.org> 2011-11-11 17:40:57 UTC ---
Created attachment 6294
--> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=6294
Proposed fix
Fixes for output in a couple of acquisitions templates where
user-generated data should be escaped. This instances were found
by creating a vendor name like "Baker & Taylor" and finding
that the ampersand was not escaped, causing validation errors.
This patch also consolidates multiple <script> blocks which
do not need to be separate and corrects a couple of unclosed
<input> tags.
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the Koha-bugs
mailing list