[Koha-bugs] [Bug 22223] Item url double-encode when parameter is an encoded URL

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Jul 30 08:44:18 CEST 2020


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22223

--- Comment #24 from David Cook <dcook at prosentient.com.au> ---
Consider the following code:
#!/usr/bin/perl
use strict;
use warnings;
use URI;
use Template;
# $one carries raw HTML metacharacters in its query string
my $one = URI->new('https://www.google.com/url?q=https://buttercup.pw"></a><injection></injection><a href="');
# $two is already correctly percent-encoded
my $two = URI->new('https://www.google.com/url?q=https%3A%2F%2Fbuttercup.pw');
my $template = Template->new();
my $output;
# Render both URI objects through the template in the __DATA__ section
$template->process( \*DATA, { one => $one, two => $two }, \$output );
warn $output;
__DATA__
[% one %]
[% two %]

Consider the following output:
https://www.google.com/url?q=https://buttercup.pw%22%3E%3C/a%3E%3Cinjection%3E%3C/injection%3E%3Ca%20href=%22
https://www.google.com/url?q=https%3A%2F%2Fbuttercup.pw

In this case it's let the correctly percent encoded URL through, but it's also
encoded the malicious URL.

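The comparison in the comment above, extended as an added example (not code from the bug report or from Koha): it puts a blanket re-escape of the whole URL next to URI->new canonicalisation, then goes one step further and HTML-escapes the result, because URI->new leaves & and ' untouched. The helper names html_attr_escape and href_value, the third sample input, and the use of uri_escape as a stand-in for a blanket escaping step are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added example (not Koha code): three ways of preparing a URL for an href
# attribute, run over constructed sample inputs.
use strict;
use warnings;
use URI;
use URI::Escape qw(uri_escape);

# Hypothetical helper: minimal HTML attribute escaping.
sub html_attr_escape {
    my ($s) = @_;
    my %ent = ( '&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
                '"' => '&quot;', "'" => '&#39;' );
    $s =~ s/([&<>"'])/$ent{$1}/g;
    return $s;
}

# Hypothetical helper: canonicalise with URI (existing %XX escapes are kept,
# characters that are not legal in a URI are percent-encoded), then
# HTML-escape what is left, since URI does not touch & or '.
sub href_value {
    my ($raw) = @_;
    return html_attr_escape( URI->new($raw)->as_string );
}

my @samples = (    # constructed inputs; the first two mirror the comment above
    'https://www.google.com/url?q=https%3A%2F%2Fbuttercup.pw',
    'https://www.google.com/url?q=https://buttercup.pw"></a><injection></injection><a href="',
    "https://example.org/search?a=1&b=it's",
);

for my $raw (@samples) {
    printf "raw        : %s\n", $raw;
    # Escaping the whole string again turns every % into %25 (double-encoding)
    # and also escapes the URL's own delimiters.
    printf "uri_escape : %s\n", uri_escape($raw);
    # Canonicalisation only: already-encoded input passes through unchanged.
    printf "URI->new   : %s\n", URI->new($raw)->as_string;
    # Canonicalisation plus HTML escaping for use inside an attribute.
    printf "href value : %s\n\n", href_value($raw);
}
```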