[Koha-bugs] [Bug 17720] CSRF token is not generated correctly
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Dec 5 09:24:15 CET 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17720
--- Comment #1 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 57949
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=57949&action=edit
Bug 17720: CSRF - Handle unicode characters
>From the pod of Digest::MD5:
"""
Since the MD5 algorithm is only defined for strings of bytes, it can not
be used on strings that contains chars with ordinal number above 255
(Unicode strings). The MD5 functions and methods will croak if you try
to feed them such input data.
What you can do is calculate the MD5 checksum of the UTF-8
representation of such strings.
"""
Test plan:
- Set a MySQL/MariaDB password with unicode characters:
UPDATE user SET password=PASSWORD('❤') WHERE USER='koha_kohadev';
FLUSH PRIVILEGES
- Update your $KOHA_CONF file
- Restart Memcached
- Hit the files modified by this patch
=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list