[Koha-bugs] [Bug 21454] Price filtered variables should not need to be html filtered

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Sat Sep 29 18:14:19 CEST 2018


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21454

--- Comment #2 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 79615
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=79615&action=edit
Bug 21454: Do not require html filter on Price

Test plan:
- Apply first patch
- Confirm that tests is failing (t/template_filters.t)
- Apply second patch
- Confirm that tests return green
- Apply last patch
- Confirm that prices are displayed correctly

QA step:
Edit a template and add the following 2 lines:
[% SET p = '<script>alert("foo");</script>' %]
[% x | $Price %]
=> Display '0.00'

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list