[Koha-patches] [PATCH] Bug 3652: Fixes XSS vulnerabilities and XTHML errors in opac-search-history.tmpl
Garry Collum
gcollum at gmail.com
Tue Feb 16 01:17:01 CET 2010
---
.../prog/en/modules/opac-search-history.tmpl | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-search-history.tmpl b/koha-tmpl/opac-tmpl/prog/en/modules/opac-search-history.tmpl
index 657ad14..f129925 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-search-history.tmpl
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-search-history.tmpl
@@ -46,7 +46,7 @@
<!-- TMPL_LOOP NAME="recentSearches" -->
<tr>
<td><!-- TMPL_VAR NAME="time" --></td>
- <td><a href="/cgi-bin/koha/opac-search.pl?<!-- TMPL_VAR NAME="query_cgi" -->"><!-- TMPL_VAR NAME="query_desc" ESCAPE="html" --></a></td>
+ <td><a href="/cgi-bin/koha/opac-search.pl?<!-- TMPL_VAR NAME="query_cgi" ESCAPE="html" -->"><!-- TMPL_VAR NAME="query_desc" ESCAPE="html" --></a></td>
<td><!-- TMPL_VAR NAME="total" --></td>
</tr>
<!-- /TMPL_LOOP -->
@@ -64,7 +64,7 @@
<!-- TMPL_LOOP NAME="previousSearches" -->
<tr>
<td><!-- TMPL_VAR NAME="time" --></td>
- <td><a href="/cgi-bin/koha/opac-search.pl?<!-- TMPL_VAR NAME="query_cgi" -->"><!-- TMPL_VAR NAME="query_desc" --></a></td>
+ <td><a href="/cgi-bin/koha/opac-search.pl?<!-- TMPL_VAR NAME="query_cgi" ESCAPE="html" -->"><!-- TMPL_VAR NAME="query_desc" ESCAPE="html" --></a></td>
<td><!-- TMPL_VAR NAME="total" --></td>
</tr>
<!-- /TMPL_LOOP -->
--
1.5.6.5
More information about the Koha-patches
mailing list