[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Koha-bugs] [Bug 1919] New: Form contents not escaped on login page
From: |
bugzilla-daemon |
Subject: |
[Koha-bugs] [Bug 1919] New: Form contents not escaped on login page |
Date: |
Wed, 5 Mar 2008 15:07:42 -0800 (PST) |
http://bugs.koha.org/cgi-bin/bugzilla/show_bug.cgi?id=1919
Summary: Form contents not escaped on login page
Product: Koha
Version: rel_3_0
Platform: PC
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: Authentication
AssignedTo: address@hidden
ReportedBy: address@hidden
QAContact: address@hidden
I was entering in a new MARC record, and as it happened, my session expired
before I finished. When I clicked "Save", therefore, I was taken to the
"Session timed out, please login again" page. All good and well.
Problem is, the form that is passed into the login page does not have its
contents escaped. Therefore if there are any characters in the MARC form like
angle-brackets, quotation marks, etc. they will break the login form (or, if
not that, then the Add Biblio form that follows it).
Attached are some screenshots showing the problem - a screenshot of the MARC
form, a screenshot of the login form, and a look at the source code of the
broken login form.
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Koha-bugs] [Bug 1919] New: Form contents not escaped on login page,
bugzilla-daemon <=