[Koha-bugs] [Bug 17830] CSRF token is not generated correctly (bis)

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Dec 29 19:22:58 CET 2016


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17830

Karam Qubsi <karamqubsi at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #58502|0                           |1
        is obsolete|                            |
                 CC|                            |karamqubsi at gmail.com

--- Comment #2 from Karam Qubsi <karamqubsi at gmail.com> ---
Created attachment 58515
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=58515&action=edit
[SIGNED-OFF]-Bug-17830-CSRF-Handle-unicode-characters in userid


If the userid of the logged in user contains unicode characters, the token
will not be generated correctly and Koha will crash with:
  Wide character in subroutine entry at /usr/share/perl5/Digest/HMAC.pm line
63.

Test plan:
- Edit a superlibrarian user and set his/her userid to '❤' or any other strings
with unicode characters.
- Login using this patron
- Search for patrons and click on a result.

=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine

You can also test the other files modified by this patch.

Signed-off-by: Karam Qubsi <karamqubsi at gmail.com>

Patch is solving the problem as described .

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list