https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18762
Lee Jamison <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #7 from Lee Jamison <[email protected]> --- Running 'prove -v xt/author/valid-templates.t' outputs the following warnings (I included surrounding passed tests to indicate where in the test the warnings appear: ok 228 - /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/issuehistory.tt CGI::param called in list context from package Template::Document line 41, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 43, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 41, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 43, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 41, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 43, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 41, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 43, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 121, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 122, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 123, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 124, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 466, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. CGI::param called in list context from package Template::Document line 471, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. k 229 - /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/itemsearch.tt ok 230 - /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/itemsearch_csv.tt CGI::param called in list context from package Template::Document line 3, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. ok 231 - /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/itemsearch_json.tt ok 599 - /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/modules/patroncards/image-manage.tt CGI::param called in list context from package Template::Document line 47, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436. ok 600 - /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/modules/patroncards/manage.tt Everything passes so I COULD sign off on it but before I do I wanted to make sure the CGI::Param warning wouldn't cause a security/architectural concern. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
