[Koha-bugs] [Bug 6629] [security] insecure use of Cookie for language selection
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Nov 25 07:38:49 CET 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6629
Chris Cormack <chris at bigballofwax.co.nz> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #6400|0 |1
is obsolete| |
--- Comment #6 from Chris Cormack <chris at bigballofwax.co.nz> 2011-11-25 06:38:49 UTC ---
Created attachment 6401
--> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=6401
Bug 6629 : Sanitizing input from language cookie
I dont think we can use only 2 digits, some languages is much longer
zh-hans-TW for example
But the regex should stop it bening able handle nasty chars,
whitelisting safe ones instead
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list