[Koha-bugs] [Bug 13618] Prevent XSS in the Staff Client and the OPAC

bugzilla-daemon at bugs.koha-community.org
Fri Jul 20 16:24:34 CEST 2018


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618

--- Comment #220 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Looks to be going along the right lines to me, I like the approach and can see
it leading to a much better base to start with.

Maintaining it going forward is the next challenge... hopefully some carefully
placed git hooks could help there, or adding some logic to the qa script to try
and catch them?

I've also often wondered about having a community Arachni server (or some other
automated penetration testing system) set up and hitting a clone of master
regularly... think I've brought that idea up before but didn't have the time to
pursue it.
