[koha-commits] main Koha release repository branch master updated. v18.05.00-388-gc6b50f0
Git repo owner
gitmaster at git.koha-community.org
Thu Aug 2 15:35:36 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, master has been updated
via c6b50f0bac092779f93033c8a3f002cb8722d7d4 (commit)
via 552873f7d466abee6919414b8d2f5e6c99f9a44f (commit)
via 10720d2a5c50b82d565cab9ad70c8498164d81b2 (commit)
from 6e0548cc1a7a924731bd414fec2f7917f044040a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c6b50f0bac092779f93033c8a3f002cb8722d7d4
Author: David Cook <dcook at prosentient.com.au>
Date: Tue Jul 3 19:04:50 2018 +1000
Bug 21031: Apache Rewrite rules don't work for API when using anything but Debian package Plack configuration
The Rewrite rules for Apache don't work unless you're using
debian/templates/apache-shared-opac-plack.conf or
debian/templates/apache-shared-intranet-plack.conf.
This patch fixes the Rewrite rules for the non-Plack Debian
Apache configuration templates as well as the standard
Apache configuration file that comes with Koha.
__BEFORE APPLYING__
1. Visit /api/v1/app.pl/api/v1/spec on your git dev install
2. This should display a large page of JSON
3. Visit /api/v1/spec on your git dev install
4. This should generate a 404 error
__APPLY PATCH__
__AFTER APPLYING__
5. Visit /api/v1/app.pl/api/v1/spec on your git dev install
6. This should display a large page of JSON
7. Visit /api/v1/spec on your git dev install
8. This should display a large page of JSON (identical to
the one from earlier steps)
Signed-off-by: Ere Maijala <ere.maijala at helsinki.fi>
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Passed QA with few notes posted separately to Bugzilla.
Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>
commit 552873f7d466abee6919414b8d2f5e6c99f9a44f
Author: Andrew Isherwood <andrew.isherwood at ptfs-europe.com>
Date: Tue May 15 16:00:02 2018 +0100
Bug 20770: ILL loans OPAC form notes field allow arbitrary input
This patch addresses the lack of sanitization of the "notes" field on
the OPAC "View Interlibrary loan request" page.
To test:
- Apply the patch
- As an OPAC user, create an ILL request
- Navigate to the request's "View Interlibrary loan request" page
- Add the following note:
Hello
<h1>TESTING</h1>
<script>alert('pwned');</script>
- Click "Submit modifications"
- TEST: Observe, when the page reloads, only the following is preserved in the
"Notes" textarea:
Hello
TESTING
- As a staff user, naviate to the ILL requests table
- Select "Manage request" for the request you created
- TEST: Observe that the Notes field only contains:
Hello
TESTING
- TEST: Observe that no Javascript alert is displayed
Signed-off-by: Mark Tompsett <mtompset at hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>
commit 10720d2a5c50b82d565cab9ad70c8498164d81b2
Author: Liz Rea <liz at catalyst.net.nz>
Date: Thu Jul 26 16:26:15 2018 +1200
Bug 21122: Fix check-url-quick when utf8 characters in URL's
To test:
Make a record with a URL that has a UTF8 character, such as:
http://some.nonexistent.tld/MāoriWomenAotearoa.pdf
Run the check-url-quick.pl job, notice it dies at that URL
Apply this patch
Test again, it should work.
Signed-off-by: Owen Leonard <oleonard at myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>
-----------------------------------------------------------------------
Summary of changes:
debian/templates/apache-shared-intranet.conf | 6 ++----
debian/templates/apache-shared-opac.conf | 6 ++----
etc/koha-httpd.conf | 13 +++++--------
koha-tmpl/intranet-tmpl/prog/css/staff-global.css | 4 ++++
.../intranet-tmpl/prog/en/modules/ill/ill-requests.tt | 4 ++--
.../opac-tmpl/bootstrap/en/modules/opac-illrequests.tt | 4 ++--
misc/cronjobs/check-url-quick.pl | 2 ++
7 files changed, 19 insertions(+), 20 deletions(-)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list