18 Jan
2017
18 Jan
'17
8:51 a.m.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17855 --- Comment #99 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- (In reply to Alex Buckley from comment #95)
In the template memberentrygen.tt the html inputs value attribute has a '| html' in it (e.g. <input name="cardnumber" value="cardnumber | html">, as I understand it this stops any special characters entered into the input field from being executed as code.
Nope it's a protection to XSS attacks. -- You are receiving this mail because: You are watching all bug changes.