https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38214

            Bug ID: 38214
           Summary: Audit use of TT url filter for uses that should be uri
                    instead
 Change sponsored?: ---
           Product: Koha
           Version: Main
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: Templates
          Assignee: [email protected]
          Reporter: [email protected]
        QA Contact: [email protected]

Shame the two things look so much alike in so many fonts, when you have old
eyes. 

The url filter is for filtering a full URL, when you don't want to escape : or
// since starting a URL with http%3A%2F%2F won't work well.

The uri filter is for filtering a URL parameter, where you want
'/search?query=why%3F' rather than '/search?query=why?' which breaks your URL
by having a second '?'.

Using url when you should use uri means you are leaving &, @, /, ;, :, =, +, ?
and $ unescaped when you shouldn't. In many cases, the wrong use of url is on
things like biblionumber, where that doesn't result in any interesting
behavior, but in other cases... you can create an authorized value category
named This&That=Stuff, and when you try to add a value to it, you will add a
value to the category This, and pass the parameter That with the value Stuff to
the script.

_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
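
An added example, not Koha code: a small Python helper for the audit the report asks for. It flags `| url` applied to a query-parameter value, and emulates both filters to show what the receiving script sees for the report's This&That=Stuff case. The emulation assumes url leaves exactly the characters listed in the report unescaped; the script path, parameter names and template lines are constructed.

```python
import re
from urllib.parse import quote, parse_qs, urlsplit

# Characters the report lists as left unescaped by the url filter.
URL_FILTER_SAFE = "&@/;:=+?$"

def tt_url(value):
    """Emulate TT's url filter (assumption: keeps only the listed characters)."""
    return quote(value, safe=URL_FILTER_SAFE)

def tt_uri(value):
    """Emulate TT's uri filter: escape everything but unreserved characters."""
    return quote(value, safe="")

# "name=[% expr | url %]" after ?, & or ; (covers &amp;) is a parameter value.
PARAM_URL = re.compile(r"[?&;]([\w.-]+)=\[%-?\s*([^|%]+?)\s*\|\s*url\b")

def audit(template_text):
    """Return (line number, parameter, expression) for each suspect use of url."""
    hits = []
    for lineno, line in enumerate(template_text.splitlines(), 1):
        for m in PARAM_URL.finditer(line):
            hits.append((lineno, m.group(1), m.group(2)))
    return hits

def params_seen(filtered_value):
    """Parse the link as the receiving script would (constructed script path)."""
    link = "/cgi-bin/example.pl?op=add_form&category=" + filtered_value
    return parse_qs(urlsplit(link).query)

# Constructed template lines, not taken from Koha.
SAMPLE = """\
<a href="[% link | url %]">full URL: url is the right filter</a>
<a href="/cgi-bin/example.pl?op=add_form&amp;category=[% category | url %]">add</a>
<a href="/cgi-bin/example.pl?biblionumber=[% biblionumber | uri %]">record</a>
"""

if __name__ == "__main__":
    for hit in audit(SAMPLE):
        print("url filter on parameter value:", hit)
    name = "This&That=Stuff"
    print(params_seen(tt_url(name)))  # category truncated, extra parameter That
    print(params_seen(tt_uri(name)))  # category arrives intact
```

The pattern only catches a directive placed directly after `name=`; values built up in a variable before being filtered still need a manual look.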