[Koha-bugs] [Bug 29853] Text needs HTML filter before KohaSpan filter
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Feb 14 14:12:48 CET 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29853
Solene D <solene.desvaux at biblibre.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #129325|0 |1
is obsolete| |
--- Comment #4 from Solene D <solene.desvaux at biblibre.com> ---
Created attachment 130547
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=130547&action=edit
Bug 29853: Add HTML filter before KohaSpan filter
Usage of Template Toolkit plugin KohaSpan as filter is actually :
Group [% added.title | $KohaSpan class = 'name' | $raw %] created.
But KohaSpan filter does not escape HTML characters.
Whe should filter HTML then KohaSpan.
This patch adds TT html filter before KohaSpan.
Also replaces in Javascript html() with text()
to ensure special caracters are still encoded.
See https://api.jquery.com/text/
Test plan :
1) Create a library with name Libra'rie
2) Create a library group with name Grou'pe
3) Play with this group
4) Add library
5) Remove library
6) Edit group
7) Delete group
8) Each time check that &apos, is not interpreted as single quote
Signed-off-by: Solène Desvaux <solene.desvaux at biblibre.com>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list