[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Aug 14 23:02:48 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
Martin Renvoize <martin.renvoize at ptfs-europe.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #77804|0 |1
is obsolete| |
--- Comment #230 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Created attachment 77805
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=77805&action=edit
Bug 13618: [DO NOT PUSH] have fun
In order to generate quickly a lot of relevant data I have modified a
bit TestBuilder->_gen_text to insert <script> tags in DB. The
transaction have been removed from t/db_dependent/Koha/Patrons.t
To use it, use a clean data (sample data only) the run
t/db_dependent/Koha/Patrons.t (only once, it will fail it you run it
more)
Search for patrons, without this patch you will get a looot of alert
boxes.
Signed-off-by: Owen Leonard <oleonard at myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list