[Koha-bugs] [Bug 6629] [security] insecure use of Cookie for language selection
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Nov 25 13:10:46 CET 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6629
Fridolyn SOMERS <fridolyn.somers at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fridolyn.somers at gmail.com
--- Comment #17 from Fridolyn SOMERS <fridolyn.somers at gmail.com> 2011-11-25 12:10:46 UTC ---
(In reply to comment #9)
> - the regexp is not accurate (I think):
> use s/[^a-zA-Z_-]*//g
> instead of s/[^a-zA-Z_-]*//
I agree :
$lang =~ s/[^a-zA-Z_-]*//;
It replaces only first occurence of pattern.
So it will clean heading special characters but not within or after.
Global matching :
$lang =~ s/[^a-zA-Z_-]//g;
There every special character is removed.
Thanks for your work.
Best regards.
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list