https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7550
--- Comment #28 from Marcel de Rooy <[email protected]> --- Created attachment 62913 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=62913&action=edit Bug 7550: [QA Follow-up] Resolve param warning from sco-patron-image Resolve this warning: CGI::param called in list context from package C4::Service line 212, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. It comes from the require_params call in sco-patron-image.pl. Git grepping on require_params tells me this: members/default_messageprefs.pl:my ($categorycode) = C4::Service->require_params('categorycode'); opac/sco/sco-patron-image.pl:my ($borrowernumber) = C4::Service->require_params('borrowernumber'); opac/sco/sco-patron-image.pl:my ($csrf_token) = C4::Service->require_params('csrf_token'); svc/cataloguing/metasearch:my ( $query_string, $servers ) = C4::Service->require_params( 'q', 'servers' ); The only candidate for multi_param seems to be 'servers', but as we can see this variable is a scalar. Additional servers returned by require_params are lost. This should be solved on its own report. So, we can safely add scalar to the params call, resolve the warning and keep the same behavior. Signed-off-by: Marcel de Rooy <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
