https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25639
--- Comment #9 from Nick Clemens <[email protected]> --- (In reply to David Cook from comment #7) > Here's a thought: > > Does it have to be in the HTML? (We're not displaying the HTML nor are we > POSTing a hidden field, so this just seems a bit hacky.) > > Since we know what the search query is when we're building the HTTP > response, we could possibly just put it in a Javascript variable. > > You could store the 3 strings in a JSON object, and since we'd build the > JSON server-side, it would be easy to validate the data to prevent XSS > vulnerabilities. > > Anyway, just a thought. It could be a cleaner way of doing it. In javascript we would need to make it a global variable, we have other instances in the code of placing useful information in the HTML (loggedinbranch etc.) -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
