Permalink
Browse files

Unescape Comment, now that we trust Scrubber to block bad markup.

Obviously if we are going to allow good markup, we can't then escape it.
Documentation reference: allowed tags for comments are:
	br b i em big small strong

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
  • Loading branch information...
1 parent 7ca4d31 commit 1ebc373d18c82c331c125b073b0721638d6855cc Joe Atzberger committed with Joshua Ferraro May 23, 2008
Showing with 4 additions and 4 deletions.
  1. +2 −2 C4/Scrubber.pm
  2. +2 −2 koha-tmpl/opac-tmpl/prog/en/modules/opac-detail.tmpl
View
@@ -26,7 +26,7 @@ use vars qw($VERSION @ISA);
use vars qw(%scrubbertypes $scrubbertype);
BEGIN {
- $VERSION = 0.01;
+ $VERSION = 0.02;
# @ISA = qw(HTML::Scrubber);
}
@@ -35,7 +35,7 @@ INIT {
default => {}, # place holder, default settings are below as fallbacks in call to constructor
tag => {}, # uses defaults
comment => {
- allow => [qw( br b i em big small )],
+ allow => [qw( br b i em big small strong )],
},
staff => {
default => [ 1 =>{'*'=>1} ],
@@ -422,7 +422,7 @@
</h5>
<small><!-- TMPL_VAR NAME="datereviewed" --></small>
<p>
- <!-- TMPL_VAR NAME="review" ESCAPE="HTML" -->
+ <!-- TMPL_VAR NAME="review" ESCAPE=0 -->
<a href="#" onclick="Dopop('/cgi-bin/koha/opac-review.pl?biblionumber=<!-- TMPL_VAR NAME="biblionumber"-->&amp;reviewid=<!-- TMPL_VAR NAME="reviewid" -->');">Edit</a>
</p></div>
<!-- TMPL_ELSE -->
@@ -435,7 +435,7 @@
</h5>
<small><!-- TMPL_VAR NAME="datereviewed" --></small>
<p>
- <!-- TMPL_VAR NAME="review" ESCAPE="HTML" -->
+ <!-- TMPL_VAR NAME="review" ESCAPE=0 -->
</p></div>
<!-- /TMPL_IF -->
<!-- /TMPL_LOOP -->

0 comments on commit 1ebc373

Please sign in to comment.