]> git.evergreen-ils.org Git - Evergreen.git/commit
projects / Evergreen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9a3c9bd) | patch
Escape TPAC "myopac" output to protect against XSS attacks
authorDan Scott <dan@coffeecode.net>
Wed, 17 Aug 2011 19:36:15 +0000 (15:36 -0400)
committerBill Erickson <berick@esilibrary.com>
Wed, 17 Aug 2011 21:33:35 +0000 (17:33 -0400)
commitb38535de56dfd8a909811bf9822c90e6d679fdf6
tree1895efbf01fc998692f31d147552528109af2da2tree
parent9a3c9bd5b4fdc0e40078c8bd726623e762c8cc13commit | diff
Escape TPAC "myopac" output to protect against XSS attacks

We're using the Template::Toolkit html and uri filters to ensure that
the usual suspects are escaped at output time to prevent trivial XSS
attacks.

berick: did some merge cleanup

Signed-off-by: Dan Scott <dscott@laurentian.ca>
17 files changed:
Open-ILS/web/templates/default/opac/myopac/circ_history.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/circs.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/hold_history.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/holds.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/holds/edit.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/lists.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/main.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/main_pay.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/main_payment_form.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/main_payments.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/prefs.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/prefs_notify.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/prefs_settings.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/receipt_email.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/receipt_print.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/update_email.tt2 diff | blob | history
Open-ILS/web/templates/default/opac/myopac/update_username.tt2 diff | blob | history
Evergreen ILS