[Bug 13618] Prevent XSS in the Staff Client and the OPAC
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618 Jonathan Druart <jonathan.druart@bugs.koha-community.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #77806|0 |1 is obsolete| | --- Comment #233 from Jonathan Druart <jonathan.druart@bugs.koha-community.org> --- Created attachment 77807 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=77807&action=edit Bug 13618: [DO NOT PUSH] have fun In order to generate quickly a lot of relevant data I have modified a bit TestBuilder->_gen_text to insert <script> tags in DB. The transaction have been removed from t/db_dependent/Koha/Patrons.t To use it, use a clean data (sample data only) the run t/db_dependent/Koha/Patrons.t (only once, it will fail it you run it more) Search for patrons, without this patch you will get a looot of alert boxes. Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org