[Koha-bugs] [Bug 35072] Invalid usage of "& " in JavaScript intranet-tmpl script redirects

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35072

--- Comment #5 from M <schodkowy.omegi-0r at icloud.com> ---
Firefox on Windows. But the & part gets removed by reverse proxy actually,
and currently we're forced to use this proxy.

I remove the record from staff interface
(/cgi-bin/koha/catalogue/detail.pl?biblionumber=1715&found1=1), I press
Modify->Delete Record.

It does seem that using Apache2 directly there will not make it complain, but
there are intermediate servers that reparse URLs, and that's where there's
trouble.

This just coincidentally works in Perl, but is undefined behavior due to being
invalid request. For example in PHP you'd end up with $_REQUEST variable having
key "amp;biblionumber" instead of "biblionumber" in such request...

Btw the addbiblio.pl script could have some validation if delete operation
supplied the number parameter instead of just silently redirecting to search.pl
without doing anything actually...

-- 
You are receiving this mail because:
You are watching all bug changes.