[Koha-bugs] [Bug 20945] Report params not escaped when downloading
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Jun 20 13:51:54 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20945
--- Comment #5 from Nick Clemens <nick at bywatersolutions.com> ---
(In reply to Katrin Fischer from comment #4)
> Firefox - maybe a different version? But it trying to be smart could explain.
My version: 61.0b13
Just to check, that URL you pasted is the report url, I meant the URL of the
download links.
To download as tab I get:
http://localhost:8081/cgi-bin/koha/reports/guided_reports.pl?reports=1&phase=Export&format=tab&report_id=13&reportname=Test&sql_params=%25¶m_name=Enter|Asort1
Versus the report URL:
http://localhost:8081/cgi-bin/koha/reports/guided_reports.pl?reports=13&phase=Run+this+report¶m_name=Enter%7CAsort1&sql_params=%2525#
Notice the param changes from:
%2525 in the report URL
to
%25 in the download URL
This has the effect of running the report with param as '%' when downloading
(because it translates %25 as an html code)
The results will download, however, they will include all the barcodes, instead
of the limited set it should be
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list