[koha-commits] main Koha release repository branch master updated. v3.18.00-60-g87a0b79

Git repo owner gitmaster at git.koha-community.org
Sat Dec 27 01:02:13 CET 2014 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, master has been updated
       via  87a0b79a65f179fdef5aee98701660cca00a273e (commit)
       via  951f3346a25c7f2883f834398055c2413b8f9c9b (commit)
      from  96eae74fc12defc8f81f073724fc663e5895b9a2 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 87a0b79a65f179fdef5aee98701660cca00a273e
Author: Owen Leonard <oleonard at myacpl.org>
Date:   Mon Nov 3 12:29:48 2014 -0500

    Bug 13017 - Login page image replacement technique fails when browser width exceeds 2000 pixels
    
    This patch updates the image replacement technique used for Koha's login
    page. The old technique used a negative text-indent value to move the
    text offscreen, but that begins to fail more and more often as screens
    get larger.
    
    The new technqiue is described here:
    http://www.zeldman.com/2012/03/01/replacing-the-9999px-hack-new-image-replacement/
    
    Note: This patch has not been tested in any Internet Explorer version!
    
    To test you must have a screen which is wider than 2000 pixels. Apply
    the patch, clear your browser cache and view the staff client login
    page. The logo on the login form should look correct with no
    corresponding text appearing anywhere on the screen.
    
    Signed-off-by: Christopher Brannon <cbrannon at debian.localdomain>
    
    Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>

commit 951f3346a25c7f2883f834398055c2413b8f9c9b
Author: Chris Cormack <chrisc at catalyst.net.nz>
Date:   Wed Dec 10 12:47:30 2014 +1300

    Bug 13425 - XSS in intranet facets - Patch for 3.18 and master
    
    To Test
    1/ Craft a url like /cgi-bin/koha/catalogue/search.pl?q=smith&sort_by='"><script>prompt('Happy_Holidays')</script>
    
    It is important it must return results and facets
    
    2/ Notice the js is executed
    3/ Apply the patch test again
    
    Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
    No prompts, no functional regressions found.
    Checked selecting and undoing facets, show more links and paging.
    Signed-off-by: Mason James <mtj at kohaaloha.com>
    
    Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>

-----------------------------------------------------------------------

Summary of changes:
 koha-tmpl/intranet-tmpl/prog/en/css/login.css             |    6 ++++--
 koha-tmpl/intranet-tmpl/prog/en/includes/facets.inc       |    6 +++---
 koha-tmpl/intranet-tmpl/prog/en/includes/page-numbers.inc |    6 +++---
 3 files changed, 10 insertions(+), 8 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list