Main Koha release repository https://koha-community.org
David Cook bf427a2947
Bug 37553: Consistently send Csrf-Token in request header
This change consistently sends the Csrf-Token in the request header.
Previously, one POST sent it in the request body, while the other POST
sent it in the request header. Since we're using an API, it's best
for us to always send it in the request header.

Test plan:
0. Apply the patch
1. perl ./misc/migration_tools/koha-svc.pl \
	http://localhost:8081/cgi-bin/koha/svc koha koha 29 > bib-29.xml
2. perl ./misc/migration_tools/koha-svc.pl \
	http://localhost:8081/cgi-bin/koha/svc koha koha 29 bib-29.xml
3. Note that the following appears in STDOUT and there is no 403 error:
"update 29 from bib-29.xml"

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-08-02 18:59:59 +02:00
acqui Bug 37343: Fixed search for vendors when transferring an item in acquistions 2024-07-22 07:37:24 +01:00
admin Bug 37263: Fix URL param retrieval 2024-08-02 18:59:56 +02:00
api Bug 37018: Clarify operators 2024-08-01 17:26:44 +02:00
authorities Bug 37235: Fix export of single authority record 2024-07-08 17:49:19 +02:00
basket Bug 34478: Add 'op' to sendbasketform 2024-03-01 10:58:53 +01:00
bin
bookings
C4 Bug 37476: Fix reserved word error on Serials.pm on MySQL 8 2024-07-26 14:50:45 +01:00
catalogue Bug 37425: Check for existence of biblio object before fetching cover images 2024-07-25 11:01:29 +01:00
cataloguing Bug 37371: Move Maskito init to onReady in dateaccessioned.pl 2024-07-22 07:33:18 +01:00
circ Bug 37210: Properly escape SQL query parameters by using bind values 2024-08-01 17:26:46 +02:00
clubs Bug 34478: Manual fix - add op clubs/templates-add-modify 2024-03-01 10:57:55 +01:00
course_reserves Bug 28762: Use Koha::Course in course-details controller 2024-07-23 16:04:05 +01:00
debian Bug 29507: Speed up auto renew cronjob via parallel processing 2024-07-05 15:48:11 +02:00
docs Bug 37003: (follow-up) Amend 22.11 RMaint 2024-06-25 18:34:14 +02:00
erm
errors Bug 36148: Improve error handling and restore programming errors 2024-03-01 11:01:06 +01:00
etc Bug 29507: Speed up auto renew cronjob via parallel processing 2024-07-05 15:48:11 +02:00
ill Bug 35106: CSRF fix 2024-04-29 18:53:09 +02:00
installer Bug 37419: DBRev 24.06.00.022 2024-08-01 18:22:30 +02:00
Koha Bug 37389: (QA follow-up) Tidy 2024-08-02 18:59:55 +02:00
koha-tmpl Bug 37077: Fix report mutli-select for zero and single selections 2024-08-02 18:59:57 +02:00
labels Bug 37206: Removing an item from a label batch should be a CSRF-protected POST operation 2024-07-02 17:20:38 +02:00
lib Bug 35681: Use ::Bootstrap version of FromANSI 2024-05-02 16:47:39 +02:00
members Bug 28924: (QA follow-up) Use $self instead of $patron 2024-07-18 18:25:55 +02:00
misc Bug 37553: Consistently send Csrf-Token in request header 2024-08-02 18:59:59 +02:00
offline_circ Bug 34478: Changes for offline_circ 2024-03-01 10:58:34 +01:00
opac Bug 37339: Set messaging preferences from default on self registration 2024-07-18 17:53:11 +02:00
patron_lists Bug 34478: Changes for patron_lists/add-modify 2024-03-01 10:57:41 +01:00
patroncards Bug 36877: (follow-up) Fix op eq edit to op eq edit_form in edit-batch.pl 2024-05-17 12:03:52 +02:00
plugins Bug 30897: Add option to disable automated restart 2024-04-11 16:53:42 +02:00
pos Bug 33478: Apply formatting to RECEIPT 2024-04-26 20:15:44 +02:00
preservation
recalls Bug 33478: Apply formatting to RECALL_REQUESTER_DET 2024-04-26 20:15:45 +02:00
reports Bug 37108: Cash register statistics wizard is wrongly sorting payment by manager_id branchcode 2024-07-12 10:21:29 +02:00
reserve Bug 30579: Disentangle multi-hold and single bib forms 2024-05-07 15:53:57 +02:00
reviews Bug 37074: Comment approval and un-approval should be CSRF-protected 2024-08-01 17:26:34 +02:00
rotating_collections Bug 34478: Manual fix - add op - rotating_collections/addItems 2024-03-01 10:57:33 +01:00
serials Bug 37247: Fix display of "closed" 2024-08-01 17:26:38 +02:00
services
skel
suggestion Bug 37337: Pass the save $op when biblio_exists 2024-07-18 17:53:12 +02:00
svc Bug 37031: Club enrollment from staff interface fails due to Entrollment typo 2024-07-11 13:40:49 +02:00
t Bug 37389: (QA follow-up) Tidy 2024-08-02 18:59:55 +02:00
tags Bug 34478: Add 'op' to tags/review 2024-03-01 10:58:25 +01:00
tools Bug 36815: (follow-up) Fix logic for new languages 2024-06-27 14:04:52 +02:00
virtualshelves Bug 37285: (QA follow-up) Perl Tidy 2024-07-26 13:56:33 +01:00
xt Bug 37018: Add 400 response definition to all routes 2024-08-01 17:26:44 +02:00
.editorconfig
.eslintrc.json Bug 36400: Centralize {js,ts,vue} formatting config in .prettierrc.js 2024-04-22 08:57:39 +02:00
.gitignore Bug 36546: (QA follow-up) Add bundle spec to .gitignore 2024-04-30 15:55:37 -03:00
.htaccess
.mailmap Bug 36943: (follow-up) 24.05.00 - Update .mailmap 2024-05-24 15:36:40 +02:00
.perlcriticrc
.perltidyrc
.prettierrc.js Bug 36400: (follow-up) remove option editorconfig from .prettierrc.js 2024-04-22 08:57:40 +02:00
.proverc.dist
.stylelintrc.json
about.pl Bug 37260: Check message broker for both 'about' and 'sysinfo' tabs 2024-07-22 07:35:31 +01:00
app.psgi Bug 36149: Add userenv middleware to app.psgi 2024-05-14 15:04:37 -03:00
build-resources.PL
changelanguage.pl
cpanfile Bug 25159: Add ability to specify a pre-modified version of action log data and store as diff 2024-05-02 16:47:42 +02:00
cypress.config.ts Bug 36012: Extend cypress's requestTimeout value 2024-03-22 15:07:36 +01:00
fix-perl-path.PL
gulpfile.js Bug 36730: (Bug 35428 follow-up) po files (sometimes) fail to update 2024-05-07 15:53:44 +02:00
help.pl
INSTALL
Koha.pm Bug 37419: DBRev 24.06.00.022 2024-08-01 18:22:30 +02:00
kohaversion.pl
LICENSE
mainpage.pl Bug 30493: (QA follow-up) Fix for the only_my_library case as well 2024-06-21 15:02:54 +02:00
Makefile.PL Bug 36546: Deploy swagger_bundle.json via make 2024-04-30 14:32:10 +02:00
MANIFEST.SKIP
package.json Bug 37303: Replace po2json with a JS version 2024-07-26 14:49:53 +01:00
README
README.md
README.robots
rewrite-config.PL
tsconfig.json
webpack.config.js Bug 35919: Add record sources admin page 2024-04-26 17:06:04 +02:00
yarn.lock Bug 37302: (follow-up) Update yarn.lock 2024-07-24 07:49:53 +01:00

Koha is a free software integrated library system (ILS).

Koha is distributed under the GNU GPL version 3 or later.

Note: Koha does not accept pull requests from git hosting sites.

Note: This project has its own bug tracker. To report a bug or submit a patch, visit http://bugs.koha-community.org.

For guidelines on submitting patches for Koha, please visit https://wiki.koha-community.org/wiki/SubmitingAPatch

The developers handbook can be found at https://wiki.koha-community.org/wiki/Developer_handbook

http://koha-community.org/
