[Koha-bugs] [Bug 6629] [security] insecure use of Cookie for language selection
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Nov 25 08:10:10 CET 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6629
Katrin Fischer <katrin.fischer at bsz-bw.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #6402|0 |1
is obsolete| |
--- Comment #8 from Katrin Fischer <katrin.fischer at bsz-bw.de> 2011-11-25 07:10:10 UTC ---
Created attachment 6403
--> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=6403
Bug 6629 : Sanitizing input from language cookie
I dont think we can use only 2 digits, some languages is much longer
zh-hans-TW for example
But the regex should stop it bening able handle nasty chars,
whitelisting safe ones instead
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
I checked the patch doesn't break language switching and language selection.
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list