From 5300bcd57458f9d39b376ad02d20903ce727e8db Mon Sep 17 00:00:00 2001 From: Nick Clemens Date: Mon, 18 Mar 2024 16:27:58 +0000 Subject: [PATCH] Bug 36349: Make sure CSRF token is included for all login scenarios To test: 1 - In KTD visit: http://localhost:8080/cgi-bin/koha/sci/sci-main.pl 2 - Everything should be set for auto self check user etc, just login as a patron If not (or not using KTD) setup a self check user, enable SCO and SCI, set self check patron system preferences, then login with patron 3 - 403 Error 4 - Repeat with sco: http://localhost:8080/cgi-bin/koha/sco/sco-main.pl 5 - Apply patch, restart all 6 - Try again, both should be successful Signed-off-by: Owen Leonard Signed-off-by: David Cook Signed-off-by: Katrin Fischer --- koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt index 0092e20b12..52a59027c9 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt @@ -208,8 +208,8 @@
[% ELSE %] - [% INCLUDE 'csrf-token.inc' %] [% END %] + [% INCLUDE 'csrf-token.inc' %] -- 2.39.5