https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41846
--- Comment #13 from David Nind <[email protected]> --- Created attachment 193679 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=193679&action=edit Bug 41846: Fix nl2br to happen after html escaping This patch removes the newline to <br/> (nl2br) handling in the .pl script, and instead moves it after the Template::Toolkit "html" filter. In this way, we get the security of the "html" filter while also converting new lines into safe <br/> elements. We also fix a little style problem. Hurray! Test plan: 0. Apply the patch and koha-plack --restart kohadev 1. Ensure the RoutingSerials system preference is enabled 2. Create a "Subscription" for a known biblionumber (e.g. 29) with whatever details 3. On the subscription-detail.pl page for that subscription, click on "Create routing list" 4. Add whatever recipients you want and put the following into Notes: Testing out notes 1-26-26 more notes 2-5-26 = more notes, 3 copies <p>Awesome... still safe</p> 5. Click "Save" 6. Observe that your notes are output exactly the same way you put them in. The newlines appear to be newlines to the human eye, while that pesky <p></p> markup is escaped. 7. Observe that the notes are also neatly lined up with the rest of the routing list display for an attractive user experience 8. Celebrate again. Hurray! Signed-off-by: David Nind <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
