David Cook
0c4fe03c23
This patch adds a HTML form with a CSRF token to POST the list delete,
which is triggered by a click handler on the A element. The A element
is still needed for existing style reasons.
Test plan:
0. Apply patch
1. koha-plack --reload kohadev
2. In the staff interface, add a list
3. Go into that list (e.g. virtualshelves/shelves.pl?op=view&shelfnumber=X)
4. From the toolbar click the "Edit" dropdown
5. From the dropdown try either "Edit list" or "Delete list"
6. Note no CSRF error and operation completes as expected
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| css | ||
| en | ||
| img | ||
| js | ||
| sound | ||