http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6629
--- Comment #9 from Frère Sébastien Marie <[email protected]> 2011-11-25 07:16:06 UTC --- about the patch (6403): - I think we should also remove (or sanitize) $ENV{ HTTP_ACCEPT_LANGUAGE }, as is it a user controlled string also. - the regexp is not accurate (I think): use s/[^a-zA-Z_-]*//g instead of s/[^a-zA-Z_-]*// -- Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA Contact for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
