[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Sat Aug 29 11:12:10 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
--- Comment #68 from Joonas Kylmälä <j.kylmala at gmail.com> ---
(In reply to Jonathan Druart from comment #28)
> Created attachment 41347 [details] [review]
> Bug 13618: Remove html filters at the OPAC
>
> This patch removes the html filters at the OPAC, if necessary.
>
> Generated with:
> perl -p -i -e 's/\ ?\|\ ?html(\ ?)%/\1%/g' **/*.tt **/*.inc
@@ -85,7 +85,7 @@
[% END %]
).
[% END %]
- <a href="[% OPACBaseURL
%]/cgi-bin/koha/opac-search.pl?[% query_cgi | url %][% limit_cgi |html | url
%]&count=[% countrss |html %]&sort_by=acqdate_dsc&forma~
+ <a href="[% OPACBaseURL
%]/cgi-bin/koha/opac-search.pl?[% query_cgi | url %][% limit_cgi |html | url
%]&count=[% countrss %]&sort_by=acqdate_dsc&format=rss2~
[% END # / IF total %]
</p>
[% END # / IF searchdesc %]
Shouldn't that one also be removed?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list