[Koha-bugs] [Bug 2026] Comments allow unsanitized input

bugzilla-daemon at pippin.metavore.com
Thu May 22 22:16:42 CEST 2008


http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=2026


joe.atzberger at liblime.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P3                          |PATCH-Sent




------- Comment #3 from joe.atzberger at liblime.com  2008-05-22 13:16 -------
Overhauling patch sent.  Scrubber and Error feedback added.

Note: we CANNOT rely on window.close in onSubmit or $().submit to close our
popups. On a relatively slow connection with a relatively large POST, commonly
the close finishes *before* the POST completes, as reported with our New
Zealand clients.  Despite success in trivial cases, this should be obvious,
since the event is necessarily before the submission. It also assumes success
and prevents any kind of error feedback, so we should avoid it even if it did
work in all cases.  We should close the popup on confirmation from the server,
like ajax success or as implemented here in Template. 

Other Koha popups are likely to exhibit this same defective behavior.

Some FIXME's outstanding: need to allow users to delete their own comments,
need to enforce and feedback on max comment length.




------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
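The behaviour Comment #3 argues for (close the popup on confirmation from the server, and give error feedback otherwise), as an added JavaScript example that is not the Koha patch. The names `makeSubmitHandler`, `xhrSend` and `simulate`, the endpoint URL and the JSON reply shape `{status, error}` are assumptions made for illustration.

```javascript
// Added example: close the popup only after the server confirms the save.
// `send`, `closePopup`, `showError` and the reply shape are assumptions.
function makeSubmitHandler({ send, closePopup, showError }) {
  return function onSubmit(fields) {
    send(fields, function onDone(err, reply) {
      if (err) {                     // network failure or non-2xx: keep the popup open
        showError('Comment not saved: ' + err.message);
      } else if (!reply || reply.status !== 'ok') {
        showError((reply && reply.error) || 'Comment rejected by server');
      } else {
        closePopup();                // confirmed by the server: now safe to close
      }
    });
    return false;                    // cancel the native submit; never close here
  };
}

// Browser transport; the URL and JSON reply {status, error} are hypothetical.
function xhrSend(url) {
  return function send(fields, done) {
    const xhr = new XMLHttpRequest();
    xhr.open('POST', url);
    xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
    xhr.onerror = () => done(new Error('network error'));
    xhr.onload = () => {
      if (xhr.status < 200 || xhr.status >= 300) return done(new Error('HTTP ' + xhr.status));
      let reply;
      try { reply = JSON.parse(xhr.responseText); }
      catch (e) { return done(new Error('unreadable server reply')); }
      done(null, reply);
    };
    xhr.send(new URLSearchParams(fields).toString());
  };
}

// Constructed fake transport: the reply arrives after onSubmit has returned.
function simulate(outcome) {
  const log = { closed: 0, errors: [] };
  let deliver;
  const onSubmit = makeSubmitHandler({
    send: (fields, done) => { deliver = () => done(outcome.err || null, outcome.reply); },
    closePopup: () => { log.closed += 1; },
    showError: (msg) => { log.errors.push(msg); },
  });
  log.returned = onSubmit({ review: 'constructed sample comment' });
  log.closedBeforeReply = log.closed;
  deliver();
  return log;
}
```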


