[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Jan 18 12:18:51 CET 2016
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
--- Comment #114 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 46767
-->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46767&action=edit
Bug 13618: Use Template::Stash::AutoEscaping to use the html filter
Test plan:
0/ sudo cpanm Template::Stash::AutoEscaping
1/ Verify don't reproduce the XSS issue described on bug 13609 and other
xss related bugs.
2/ Try to find some encoding issues (detail page, search results,
facets, etc.)
Signed-off-by: Signed-off-by: Joonas Kylmälä <j.kylmala at gmail.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel at gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer at bsz-bw.de>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list