[koha-commits] main Koha release repository branch master updated. v3.18.00-60-g87a0b79
Git repo owner
gitmaster at git.koha-community.org
Sat Dec 27 01:02:13 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, master has been updated
via 87a0b79a65f179fdef5aee98701660cca00a273e (commit)
via 951f3346a25c7f2883f834398055c2413b8f9c9b (commit)
from 96eae74fc12defc8f81f073724fc663e5895b9a2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 87a0b79a65f179fdef5aee98701660cca00a273e
Author: Owen Leonard <oleonard at myacpl.org>
Date: Mon Nov 3 12:29:48 2014 -0500
Bug 13017 - Login page image replacement technique fails when browser width exceeds 2000 pixels
This patch updates the image replacement technique used for Koha's login
page. The old technique used a negative text-indent value to move the
text offscreen, but that begins to fail more and more often as screens
get larger.
The new technqiue is described here:
http://www.zeldman.com/2012/03/01/replacing-the-9999px-hack-new-image-replacement/
Note: This patch has not been tested in any Internet Explorer version!
To test you must have a screen which is wider than 2000 pixels. Apply
the patch, clear your browser cache and view the staff client login
page. The logo on the login form should look correct with no
corresponding text appearing anywhere on the screen.
Signed-off-by: Christopher Brannon <cbrannon at debian.localdomain>
Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
commit 951f3346a25c7f2883f834398055c2413b8f9c9b
Author: Chris Cormack <chrisc at catalyst.net.nz>
Date: Wed Dec 10 12:47:30 2014 +1300
Bug 13425 - XSS in intranet facets - Patch for 3.18 and master
To Test
1/ Craft a url like /cgi-bin/koha/catalogue/search.pl?q=smith&sort_by='"><script>prompt('Happy_Holidays')</script>
It is important it must return results and facets
2/ Notice the js is executed
3/ Apply the patch test again
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
No prompts, no functional regressions found.
Checked selecting and undoing facets, show more links and paging.
Signed-off-by: Mason James <mtj at kohaaloha.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at gmail.com>
-----------------------------------------------------------------------
Summary of changes:
koha-tmpl/intranet-tmpl/prog/en/css/login.css | 6 ++++--
koha-tmpl/intranet-tmpl/prog/en/includes/facets.inc | 6 +++---
koha-tmpl/intranet-tmpl/prog/en/includes/page-numbers.inc | 6 +++---
3 files changed, 10 insertions(+), 8 deletions(-)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list