[Koha-bugs] [Bug 23978] Notes field in saved reports should allow for HTML
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Feb 16 15:39:22 CET 2024
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23978
Magnus Enger <magnus at libriotech.no> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |magnus at libriotech.no
Status|Needs Signoff |Failed QA
--- Comment #8 from Magnus Enger <magnus at libriotech.no> ---
(In reply to Martin Renvoize from comment #5)
> This patch updates the notes field to a $raw filter to prevent html
> escaping of the data within it.
(In reply to David Cook from comment #7)
> Yeah I don't think we can just expose the raw HTML.
Sounds like a security problem and a FQA to me. Please set back to NSO if you
disagree. :-)
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list