[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Aug 4 16:22:43 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
Jonathan Druart <jonathan.druart at bugs.koha-community.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #40480|0 |1
is obsolete| |
--- Comment #27 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 41346
-->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=41346&action=edit
Bug 13618: Use Template::Stash::AutoEscaping to use the html filter
Test plan:
0/ sudo cpanm Template::Stash::AutoEscaping
1/ Verify don't reproduce the XSS issue described on bug 13609 and other
xss related bugs.
2/ Try to find some encoding issues (detail page, search results,
facets, etc.)
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list