[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC

bugzilla-daemon at bugs.koha-community.org
Thu Dec 17 13:24:34 CET 2015


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618

--- Comment #91 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
(In reply to Bernardo Gonzalez Kriegel from comment #90)
> (In reply to Jonathan Druart from comment #89)
> > Please use the remote branch.
> 
> Hi, there is an easy conflict on
> koha-tmpl/intranet-tmpl/prog/en/includes/doc-head-close.inc :)

Rebased.

> Record and item editor now look good,
> but on item editor there is an 'Uncaught SyntaxError: Unexpected token &',
> seems to come from
> 
> var columns_settings = [{"columnname":"barcode"},
> {"columnname":"dateaccessioned"},
> ...
> {"columnname":"stocknumber"}]

Introduced by a new patch, fixed in a new commit "Bug 13618: (follow-up)
Specific for ColumnsSettings"

> No errors on record editor or plugins, there is a warning on MARC 006/008
> "Synchronous XMLHttpRequest on the main thread is deprecated because of its
> detrimental effects to the end user's experience. For more help, check
> http://xhr.spec.whatwg.org/."

Could you confirm you don't have it on master?
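
An added example, not part of the original message or of Koha's code: one way an "Unexpected token &" can arise at an inline JSON assignment like the `columns_settings` line quoted above is an HTML-escaping filter applied to JSON inside a `<script>` block, where the browser does not decode entities. The function names and sample data are constructed for illustration; the thread does not state what the follow-up patch changed.

```javascript
// Constructed sample data (not Koha's real column list).
const columns = [{ columnname: "barcode" }, { columnname: "stocknumber" }];
const hostile = [{ columnname: "</script><b>x" }];

// HTML escaping: correct for text nodes and attribute values.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Script-context escaping: keep the JSON syntax intact and \u-escape only
// the characters that could close the <script> element, start an entity or
// comment, or act as line terminators in older JavaScript engines.
function jsonForScript(value) {
  return JSON.stringify(value).replace(/[<>&\u2028\u2029]/g, (c) =>
    "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0"));
}

// Parse (without running) `var columns_settings = <literal>;` the way the
// JavaScript engine sees it inside <script>: entities are not decoded there.
// Returns null on success or the error name on failure.
function parsesAsScript(literal) {
  try {
    new Function("var columns_settings = " + literal + ";");
    return null;
  } catch (e) {
    return e.name;
  }
}

// Wrong context: the quotes become &quot; and the script no longer parses.
console.log(parsesAsScript(escapeHtml(JSON.stringify(columns))));
// Right context: valid JavaScript, same data.
console.log(parsesAsScript(jsonForScript(columns)));
// Plain JSON.stringify would parse too, but leaves "</script>" in the page.
console.log(JSON.stringify(hostile).includes("</script>"));
console.log(jsonForScript(hostile));
```

The escaped output is still valid JSON, so `JSON.parse` on it returns the original values.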
