[Koha-bugs] [Bug 2847] Use HTML escape in templates where appropriate
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Sat Nov 12 07:25:53 CET 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=2847
Chris Cormack <chris at bigballofwax.co.nz> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #6294|0 |1
is obsolete| |
--- Comment #2 from Chris Cormack <chris at bigballofwax.co.nz> 2011-11-12 06:25:53 UTC ---
Created attachment 6299
--> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=6299
Incremental fix for Bug 2847, Use HTML escape in templates where appropriate
Fixes for output in a couple of acquisitions templates where
user-generated data should be escaped. This instances were found
by creating a vendor name like "Baker & Taylor" and finding
that the ampersand was not escaped, causing validation errors.
This patch also consolidates multiple <script> blocks which
do not need to be separate and corrects a couple of unclosed
<input> tags.
Signed-off-by: Chris Cormack <chrisc at catalyst.net.nz>
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the Koha-bugs
mailing list