Change #7847
| Category | None |
| Changed by | Galen Charlton <gmc@equinoxOLI.org> |
| Changed at | Tue 15 Jun 2021 17:43:31 |
| Repository | git://git.evergreen-ils.org/Evergreen.git |
| Project | Evergreen |
| Branch | master |
| Revision | fdd6ece0082069d59c7851af78ec5e91e42b46c0 |
Comments
LP#1930933: fix issue with over-escaping in search results title attributes
This patch fixes an issue where a record with a title containing the
word "hidden" can have its title, ironically enough, not show up
on public catalog search results.
To test
-------
[1] Create an OPAC-visible record whose 245 is something like:
=245 04$aThe hidden one <script>alert('title!')</script>
[2] Search for the record in both the TPAC and Bootstrap skin. Note
that the title isn't displayed.
[3] Apply the patch and repeat step 2. This time, the full title
should be displayed.
[4] Verify that the OPAC does not display an alert box.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Changed files
- Open-ILS/src/templates-bootstrap/opac/parts/result/table.tt2
- Open-ILS/src/templates/opac/parts/result/table.tt2