https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38523
--- Comment #3 from David Cook <[email protected]> --- Admittedly, I'm not super familiar with the entire translation process in Koha start to finish. Here's some steps I took: sudo apt-get install koha-l10n --reinstall ./debian/scripts/koha-translate -i fr-FR -d kohadev vi koha-tmpl/intranet-tmpl/prog/fr-FR/js/locale_data.js The "Delete" translation probably wouldn't cause syntax errors, but it could be used to inject XSS, although in theory the Translation Manager should catch that? It looks like "key" and "value" aren't currently translated... but I can test it anyway by manually editing locale_data.js. We'll inject this string into locale_data.js: "key":[null,"\"cle\""], After we install fr-FR, change to French, enable ILLModule, and go to http://localhost:8081/cgi-bin/koha/ill/ill-requests.pl?method=create&backend=Standard we click on "Nouvelle demande de PEB", and we click on "Ajouter un nouveau champ". Et voilĂ ... no placeholder text because we've accidentally generated <input type="text" class="custom-name " name="custom_key" placeholder="" cle""=""> -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
