Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/intranet-tmpl/prog/en/modules
History
Marcel de Rooy dc4617ba3b Bug 17109: Add CSRF token to [opac-]sendbasket 
If you have no (valid) token, you will not be able to send the message.

Test plan:
[1] Verify if you can still send the cart from opac and intranet.
[2] While still being logged in, try to send the cart from opac by
    using the following URL:
    /cgi-bin/koha/opac-sendbasket.pl?email_add=you@somedomain.com&comment=csrf_test&bib_list=doesnotmatter&csrf_token=justsomeguess12345
    This should now result in a csrf error.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-09 13:37:47 +00:00
..
acqui Bug 16738 - Improve EDIFACT messages template 2016-09-09 12:54:56 +00:00
admin Bug 17012 - Remove more event attributes from administration templates 2016-09-09 13:29:52 +00:00
authorities Bug 16600 - Remove some obsolete references to Greybox in some templates 2016-07-08 13:03:26 +00:00
basket Bug 17109: Add CSRF token to [opac-]sendbasket 2016-09-09 13:37:47 +00:00
batch
catalogue Bug 16507: Show play media tab first if record has no holdings 2016-09-09 12:10:40 +00:00
cataloguing Bug 17072: 006 not filling in with existing values 2016-09-08 11:58:39 +00:00
circ Bug 15758: Fix variable name, it's a branchcode 2016-09-08 14:36:06 +00:00
common Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
course_reserves Bug 17112: Action buttons for course reserves detail page 2016-09-09 13:17:50 +00:00
errors
help Bug 16978: Add delete reports user permission 2016-09-09 13:23:52 +00:00
installer
labels Bug 16576 [Revised] Remove the use of "onclick" from label templates 2016-09-09 12:11:21 +00:00
members Bug 16908: Koha::Patrons - Remove GetSortDetails 2016-09-09 13:12:28 +00:00
offline_circ Bug 16538: Improve the style of progress bars 2016-07-15 18:06:08 +00:00
patron_lists Bug 16778: Replace usage of Greybox modals with Bootstrap modals 2016-07-08 14:42:12 +00:00
patroncards Bug 14138: Patroncard: Warn user if PDF creation fails 2016-07-15 15:00:56 +00:00
plugins
reports Bug 16978: Add delete reports user permission 2016-09-09 13:23:52 +00:00
reserve Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
reviews
rotating_collections Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
serials Bug 16968 - Remove the use of "onclick" from serial patron and vendor search templates 2016-09-09 13:23:11 +00:00
services
sms
suggestion Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
tags Bug 16456: Reintroduce wording "Delete tag" 2016-06-17 15:40:25 +00:00
test
tools Bug 16937 [Revised] Remove "onclick" from the manage staged MARC records template 2016-09-09 13:17:09 +00:00
virtualshelves Bug 16897 - Re-focus on "Add item" in Lists 2016-07-15 15:05:28 +00:00
about.tt Bug 13501: Add JS library select2 3.5.4 2016-09-02 16:25:04 +00:00
auth.tt Bug 15758: Koha::Libraries - Remove GetBranches 2016-09-08 14:36:03 +00:00
intranet-main.tt