[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Jonathan Druart changed: What|Removed |Added Resolution|--- |DUPLICATE Status|Failed QA |RESOLVED --- Comment #14 from Jonathan Druart --- *** This bug has been marked as a duplicate of bug 4439 *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Marc Véronchanged: What|Removed |Added CC||ve...@veron.ch --- Comment #13 from Marc Véron --- Is this bug still valid? (Does not apply). -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Jonathan Druart jonathan.dru...@biblibre.com changed: What|Removed |Added CC||jonathan.dru...@biblibre.co ||m --- Comment #12 from Jonathan Druart jonathan.dru...@biblibre.com --- Hugh, Any chances to see this resubmitted? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 --- Comment #11 from Kyle M Hall k...@bywatersolutions.com --- Since the patch in question doesn't change the behavior of Koha ( at least in theory ) it would be as simple as 1) Perform some action that tests the code to be modified 2) Apply this patch 3) Perform the same action, ensure everything still works the same. What that the action or actions are, is up to you. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 --- Comment #10 from Hugh Davenport h...@davenport.net.nz --- Hey Kyle/Owen, What would the format of a test plan be? Cheers, Hugh -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Owen Leonard oleon...@myacpl.org changed: What|Removed |Added Status|Needs Signoff |Failed QA --- Comment #9 from Owen Leonard oleon...@myacpl.org --- Failing QA pending the addition of a test plan. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 --- Comment #8 from Kyle M Hall k...@bywatersolutions.com --- Hugh, can you add a test plan to the patches comments? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Kyle M Hall k...@bywatersolutions.com changed: What|Removed |Added CC||k...@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Chris Cormack ch...@bigballofwax.co.nz changed: What|Removed |Added CC||ch...@bigballofwax.co.nz --- Comment #7 from Chris Cormack ch...@bigballofwax.co.nz --- Yep, that's quite common in a lot of projects, you'll notice Galen does it also. It means they have tested it themselves. Still needs an external sign off of course. In fact just the other day Galen remarked something like when did we stop adding a sign off to our patches? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 --- Comment #1 from Hugh Davenport h...@davenport.net.nz --- A brief look tells me that it is checking for numerical types, which would be better suited by parseInt and parseFloat -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Hugh Davenport h...@davenport.net.nz changed: What|Removed |Added Severity|normal |major -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Hugh Davenport h...@davenport.net.nz changed: What|Removed |Added Status|NEW |ASSIGNED Assignee|koha-b...@lists.koha-commun |h...@davenport.net.nz |ity.org | --- Comment #2 from Hugh Davenport h...@davenport.net.nz --- fixing -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Hugh Davenport h...@davenport.net.nz changed: What|Removed |Added Status|ASSIGNED|Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Hugh Davenport h...@davenport.net.nz changed: What|Removed |Added Patch complexity|--- |Trivial patch -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 --- Comment #3 from Hugh Davenport h...@davenport.net.nz --- Created attachment 14648 -- http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=14648action=edit bug 9411 Fix javascript evals to use parseInt and parseFloat The acq.js file used evals to parse the return text of ajax queries to determine what result to return. This is a bad thing, and can potentially cause security risks. This patch converts those eval calls to parseInt and parseFloat calls. Note: This patch depends on the patch in bug 4437 so there are no conflicts. Signed-off-by: Hugh Davenport h...@davenport.net.nz -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Hugh Davenport h...@davenport.net.nz changed: What|Removed |Added Attachment #14648|0 |1 is obsolete|| --- Comment #4 from Hugh Davenport h...@davenport.net.nz --- Created attachment 14650 -- http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=14650action=edit bug 9411 Fix javascript evals to use parseInt and parseFloat The acq.js file used evals to parse the return text of ajax queries to determine what result to return. This is a bad thing, and can potentially cause security risks. This patch converts those eval calls to parseInt and parseFloat calls. Note: This patch depends on the patch in bug 4437 so there are no conflicts. Signed-off-by: Hugh Davenport h...@davenport.net.nz -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Hugh Davenport h...@davenport.net.nz changed: What|Removed |Added Patch complexity|Trivial patch |Small patch -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 9411] Multiple uses of javascript eval on ajax responses in acq.js
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9411 Hugh Davenport h...@davenport.net.nz changed: What|Removed |Added Attachment #14650|0 |1 is obsolete|| --- Comment #5 from Hugh Davenport h...@davenport.net.nz --- Created attachment 14652 -- http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=14652action=edit bug 4439 Change some helper files to use C4::Service Depends on bug 4437 to avoid conflicts Depends on bug 9412 for a new feature used Also fixes bug 9411 Signed-off-by: Hugh Davenport h...@davenport.net.nz -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/