[Koha-bugs] [Bug 20975] New: Improve auto escaping performance
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Jun 21 16:01:46 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20975
Bug ID: 20975
Summary: Improve auto escaping performance
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: All
OS: All
Status: ASSIGNED
Severity: major
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: jonathan.druart at bugs.koha-community.org
Reporter: jonathan.druart at bugs.koha-community.org
QA Contact: testopia at bugs.koha-community.org
Depends on: 13618
On bug 13618 we are trying to get rid of XSS issues with a global solution.
Using Template::Stash::AutoEscaping we are going to apply a html filter to all
of our template variables. The problem is that we can have thousands of
variables displayed (and so escaped).
Referenced Bugs:
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618
[Bug 13618] Prevent XSS in the Staff Client and the OPAC
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list