| commit | 2a7b383c11398f9f49e0433222789a13aaa58ef0 | |
| author | Aleisha <aleishaamohia@hotmail.com> | |
| Tue, 9 Jun 2015 02:02:55 +0000 (9 02:02 +0000) | ||
| committer | Liz Rea <wizzyrea@gmail.com> | |
| Tue, 16 Jun 2015 01:20:37 +0000 (16 13:20 +1200) | ||
| tree | 14d6e7521d81d4e33dd6c945d729485ecd7fff66 | treesnapshot (tar.gz zip) |
| parent | 20213b7d5c2d4a13e01c27969fc184e0c21ec3ae | commitdiff |
Bug 14360: Unescaped variable causes alert pop-up
To test:
1) Create a list in the OPAC, name it: <script>alert('Hello');</script>
2) Delete the list
3) Confirm deletion
4) See the alert say 'Hello'
5) Apply patch
6) Recreate list with same name
7) Delete list
8) Confirm deletion and alert no longer pops up
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
(cherry picked from commit 9bef8f8738492564af7da78cba841366c70ada3c)
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
To test:
1) Create a list in the OPAC, name it: <script>alert('Hello');</script>
2) Delete the list
3) Confirm deletion
4) See the alert say 'Hello'
5) Apply patch
6) Recreate list with same name
7) Delete list
8) Confirm deletion and alert no longer pops up
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
(cherry picked from commit 9bef8f8738492564af7da78cba841366c70ada3c)
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
| koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shelves.tt | diffblobblamehistory |