[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC

bugzilla-daemon at bugs.koha-community.org
Tue Aug 14 23:13:59 CEST 2018


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618

Jonathan Druart <jonathan.druart at bugs.koha-community.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #77806|0                           |1
        is obsolete|                            |

--- Comment #233 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 77807
  --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=77807&action=edit
Bug 13618: [DO NOT PUSH] have fun

In order to quickly generate a lot of relevant data I have slightly
modified TestBuilder->_gen_text to insert <script> tags in the DB. The
transaction has been removed from t/db_dependent/Koha/Patrons.t

To use it, use clean data (sample data only), then run
t/db_dependent/Koha/Patrons.t (only once, it will fail if you run it
more).
Search for patrons; without this patch you will get a looot of alert
boxes.

Signed-off-by: Owen Leonard <oleonard at myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
