From: Chris Cormack <chrisc@catalyst.net.nz>
Date: Thu, 16 Jun 2011 20:39:29 +0000 (+1200)
Subject: Bug 6518 : Fixing XSS issues on opac
X-Git-Url: http://git.rot13.org/?a=commitdiff_plain;h=126d6247b28f7655cc77d0727c0bb11c23950b90;hp=-c;p=koha.git

Bug 6518 : Fixing XSS issues on opac

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
---

126d6247b28f7655cc77d0727c0bb11c23950b90
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-addbybiblionumber.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-addbybiblionumber.tt
index dab4fdab9c..f6479f93cd 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-addbybiblionumber.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-addbybiblionumber.tt
@@ -66,7 +66,7 @@
 		<option value="1">Private</option>
 		<option value="2">Public</option>
 		</select></li></ol></fieldset>
-		[% FOREACH biblio IN biblios %] <input type="hidden" name="biblionumber" value="[% biblio.biblionumber %]" />[% END %]
+		[% FOREACH biblio IN biblios %] <input type="hidden" name="biblionumber" value="[% biblio.biblionumber | html%]" />[% END %]
 		<fieldset class="action"><input type="submit" value="Save" class="submit" /> <a class="close cancel" href="#">Cancel</a></fieldset>
 		</form>
 	[% END %]
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadcart.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadcart.tt
index 45d5de72cf..8d22c4d3a0 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadcart.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadcart.tt
@@ -19,7 +19,7 @@
 	</select></li></ol>
 </fieldset>
 <fieldset class="action">
-	<input type="hidden" name="bib_list" value="[% bib_list %]" />
+	<input type="hidden" name="bib_list" value="[% bib_list | html %]" />
 	<input type="submit" name="save" value="Go" />
 </fieldset>
     </form>
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadshelf.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadshelf.tt
index 608c955801..b984f5d100 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadshelf.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-downloadshelf.tt
@@ -26,7 +26,7 @@
 
 		</select></li></ol>
 	</fieldset>
-	<fieldset class="action">	<input type="hidden" name="shelfid" value="[% shelfid %]" />
+	<fieldset class="action">	<input type="hidden" name="shelfid" value="[% shelfid | html %]" />
 		<input type="submit" name="save" value="Go" /></fieldset>
 	    </form>
 
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt
index 338f174441..3e696145cd 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-review.tt
@@ -11,7 +11,7 @@
 			[% IF ( cgi_debug ) %]alert(_('injecting OLD comment: ')+comment);[% END %]
 			parent.opener.$('#c[% reviewid %] p').prev("small").prev("h5").html("Your Edited Comment (preview, pending approval)");
 			parent.opener.$('#c[% reviewid %] p').html(comment);
-			parent.opener.$('#c[% reviewid %] p').append(" <a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=[% biblionumber %]&amp;reviewid=[% reviewid %]\');\">Edit<\/a>");
+			parent.opener.$('#c[% reviewid %] p').append("<a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=[% biblionumber | uri %]&amp;reviewid=[% reviewid | uri%]\');\">Edit<\/a>");
 			[% END %]
 			return 1;
 		};
@@ -21,7 +21,7 @@
 			parent.opener.$('#newcomment').html(
 				"<h5>Your Comment (preview, pending approval)<\/h5>" +
 				"<p>"+comment+"<\/p>" +
-				"<a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=[% biblionumber %]\');\">Edit<\/a><\/p>"
+				"<a href=\"#comment\" onclick=\"Dopop(\'/cgi-bin/koha/opac-review.pl?biblionumber=[% biblionumber |uri%]\');\">Edit<\/a><\/p>"
 			);
 			parent.opener.$("#addcomment").prev("p").remove();
 			parent.opener.$("#addcomment").remove();
@@ -66,7 +66,7 @@
 	</div>
 [% END %]
 <form id="reviewf" action="/cgi-bin/koha/opac-review.pl[% IF ( cgi_debug ) %]?debug=1[% END %]" method="post">
-    <input type="hidden" name="biblionumber" value="[% biblionumber %]" />
+    <input type="hidden" name="biblionumber" value="[% biblionumber | html%]" />
 	<fieldset class="brief">
 	<legend>Comments on <i>[% title |html %] [% subtitle %]</i>[% IF ( author ) %]by [% author %][% END %]</legend>
             <ol><li><textarea id="review" name="review" cols="60" rows="8">[% review %]</textarea></li></ol>
diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-serial-issues.tt b/koha-tmpl/opac-tmpl/prog/en/modules/opac-serial-issues.tt
index 8d6b94b755..5d45b53fdd 100644
--- a/koha-tmpl/opac-tmpl/prog/en/modules/opac-serial-issues.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-serial-issues.tt
@@ -12,9 +12,9 @@
 <div id="userserialissues" class="container">
 <h2>Issues for a subscription</h2>
 <div id="views">
-	<span class="view"><a id="Normalview" href="opac-detail.pl?biblionumber=[% biblionumber %]" class="button">Normal View</a></span>
+	<span class="view"><a id="Normalview" href="opac-detail.pl?biblionumber=[% biblionumber | html %]" class="button">Normal View</a></span>
 		<span class="view"><span id="Briefhistory">Brief history</span></span>
-	<span class="view"><a id="Fullhistory" href="opac-serial-issues.pl?selectview=full&amp;biblionumber=[% biblionumber %]" class="button">Full History</a></span>
+	<span class="view"><a id="Fullhistory" href="opac-serial-issues.pl?selectview=full&amp;biblionumber=[% biblionumber | html%]" class="button">Full History</a></span>
 </div>
 <form method="post" name="f">
 [% FOREACH subscription_LOO IN subscription_LOOP %]