[Koha-bugs] [Bug 36385] New: HTML escaped via JavaScript should encode all entities
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Mar 21 14:47:33 CET 2024
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36385
Bug ID: 36385
Summary: HTML escaped via JavaScript should encode all entities
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: koha-bugs at lists.koha-community.org
Reporter: kyle at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
In staff-global.js, we have a function escape_str. This function only encodes a
tiny subset of html characters. We should use
https://github.com/mathiasbynens/he to encode the full set of html entities.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list