Katrin Fischer <> changed:

           What    |Removed                     |Added
  Attachment #56007|0                           |1
        is obsolete|                            |

--- Comment #3 from Katrin Fischer <> ---
Created attachment 56149
[PASSED QA] Bug 17393: Fix non-Latin chars handling in self reg

If you fill the patron self reg with non-latin characters, they will be
encoded with HTML entities (&eacute;)
This bug leads to generate a userid with weird behaviors:
é => eacute
ł => x

Test plan:
0/ Do not apply the patch
1/ Set up the Self reg feature
2/ fill surname, fistname with something like "Michał pouéàç"
3/ Save
4/ See the bad encoding/replacement on the screen and look at the data
The accentued chars are replaced with their html representation and the
non-Latin chars with a 'x'
in the DB
5/ Apply this patch
6/ Repeat steps 2, 3
7/ Everything should be ok
8/ Try to make sure this HTML::Entities escape was not useful:
fill surname with "surname <script>alert("xss?")</script>"
Save and look at the data

Followed test plan, works as expected.
Signed-off-by: Marc Véron <>

Signed-off-by: Katrin Fischer  <>

You are receiving this mail because:
You are watching all bug changes.
Koha-bugs mailing list
website :
git :
bugs :

Reply via email to