[Koha-devel] Huge performance issue cause by bug 13618 (XSS)
Brendan Gallagher
info at bywatersolutions.com
Thu Feb 11 20:45:43 CET 2016
I have reverted the patch series.
On Wed, Feb 10, 2016 at 11:19 PM, Renvoize, Martin <
martin.renvoize at ptfs-europe.com> wrote:
> Interestingly enough there was recently a long debate about xss escaping
> over in the Mojo irc channel. They obviously have their own temptation
> engine which uses Mojo::DOM in parts (which includes the xss_escape code).
>
> I'm envisioning the we'll end up needing to do that digging into
> Template::Stash::AutoEscaping and would suggest whoever does perhaps bases
> some enhancements on the mojo code ;-)
>
> For reference: http://irclog.perlgeek.de/mojo/2016-02-09#i_12010985 ,
> https://github.com/kraih/mojo/commit/ccbd7e92ffe2029e83f14e077095d6ddda27cd1c
>
> Martin
>
> _______________________________________________
> Koha-devel mailing list
> Koha-devel at lists.koha-community.org
> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
> website : http://www.koha-community.org/
> git : http://git.koha-community.org/
> bugs : http://bugs.koha-community.org/
>
--
---------------------------------------------------------------------------------------------------------------
Brendan A. Gallagher
ByWater Solutions
CEO
Support and Consulting for Open Source Software
Installation, Data Migration, Training, Customization, Hosting
and Complete Support Packages
Headquarters: Santa Barbara, CA - Office: Redding, CT
Phone # (888) 900-8944
http://bywatersolutions.com
info at bywatersolutions.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20160211/21f305a3/attachment.html>
More information about the Koha-devel
mailing list