[Koha-bugs] [Bug 13618] Prevent XSS everywhere at the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Jun 22 16:59:43 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
Jonathan Druart <jonathan.druart at biblibre.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #35488|0 |1
is obsolete| |
Attachment #35516|0 |1
is obsolete| |
--- Comment #14 from Jonathan Druart <jonathan.druart at biblibre.com> ---
Created attachment 40480
-->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=40480&action=edit
Bug 13618: Use Template::Stash::AutoEscaping to use the html filter
Test plan:
0/ sudo cpanm Template::Stash::AutoEscaping
1/ Verify don't reproduce the XSS issue described on bug 13609 and other
xss related bugs.
2/ Try to find some encoding issues (detail page, search results,
facets, etc.)
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list