Bug 4461: Correctly deal with encoding/escaping chars
author Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 3 Apr 2020 11:52:12 +0000 (13:52 +0200)
committer Martin Renvoize <martin.renvoize@ptfs-europe.com>
Mon, 6 Apr 2020 10:19:40 +0000 (11:19 +0100)
commit c98d6f14ee588e5648c97ad75dfa07d0a719739f
tree 91744db33b7d8b959a344690081fc91dd4f3f301
parent 0885344e8056f34dd2cd9f38626fcaf321dda961
Bug 4461: Correctly deal with encoding/escaping chars

This patch deals (hopefully) correctly with encoding and escaping chars.
It also removes OPACBaseURL from the URL stored in DB, and re-adds it on
display, to avoid possible attacks.

Test plan:
Go to the authority search
fill term with something hacky
<script>alert('booh!')</script>And Ŝ♥m€ E★tr₳
Search
Click the "Report a problem" link
Fill the form and make sure the url is displayed correctly
submit
Check problem_reports.problempage in DB => Should be correctly displayed
Go to staff interface, "OPAC problem reports"
=> Confirm the link is correctly displayed
Click it
=> Confirm that you are at the OPAC, and the URL is correct

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
koha-tmpl/intranet-tmpl/prog/en/modules/admin/problem-reports.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-reportproblem.tt
opac/opac-reportproblem.pl
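
The approach named in the commit message (store the reported page without OPACBaseURL, re-add the base on display, escape on output), sketched as an added Python example. It is not Koha's code: `OPAC_BASE_URL`, `to_stored_path`, `display_link` and the sample URL are assumptions made for illustration.

```python
from html import escape
from urllib.parse import quote, urlsplit

# Assumed stand-in for the trusted base-URL setting (OPACBaseURL on the page).
OPAC_BASE_URL = "https://opac.example.org"


def to_stored_path(submitted, base=OPAC_BASE_URL):
    """Reduce a reporter-supplied page URL to an ASCII path+query for the DB."""
    parts, trusted = urlsplit(submitted), urlsplit(base)
    # An absolute URL is accepted only if it points at our own OPAC, so a
    # foreign host or a javascript: URL can never reach the stored column.
    if (parts.scheme or parts.netloc) and (
        (parts.scheme, parts.netloc) != (trusted.scheme, trusted.netloc)
    ):
        raise ValueError("problem page is not on this OPAC")
    if not parts.path.startswith("/"):
        raise ValueError("expected a site-relative path")
    # Percent-encode as UTF-8 exactly once: '%' stays safe so escapes already
    # present in the submitted URL are not doubled.
    path = quote(parts.path, safe="/%")
    query = quote(parts.query, safe="=&%+;")
    return path + ("?" + query if query else "")


def display_link(stored, base=OPAC_BASE_URL):
    """Re-add the trusted base at display time and HTML-escape for output."""
    if not stored.startswith("/"):
        raise ValueError("stored value is not a site-relative path")
    url = base.rstrip("/") + stored
    return '<a href="{0}">{0}</a>'.format(escape(url, quote=True))


if __name__ == "__main__":
    # Constructed sample modelled on the search term in the test plan.
    sample = OPAC_BASE_URL + "/search?q=<script>alert('booh!')</script>And Ŝ♥m€ E★tr₳"
    stored = to_stored_path(sample)
    print(stored)
    print(display_link(stored))
```

Because the host is never read back from the database, a tampered row can only ever yield a link on the configured OPAC.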