]> git.koha-community.org Git - koha.git/commit
Bug 23075: (follow-up) Dissallow transparent redirects
authorMartin Renvoize <martin.renvoize@ptfs-europe.com>
Mon, 4 Nov 2019 13:13:16 +0000 (13:13 +0000)
committerMartin Renvoize <martin.renvoize@ptfs-europe.com>
Wed, 6 Nov 2019 17:05:10 +0000 (17:05 +0000)
commit1e47e5a849fb0297f7da1a5ebd5d94f5b8cd46f9
treec82fb0afa110ad5b83b9e65a8ef422cd1c2353d4
parenta1161ced1d977d872ab4238fc38ae30440978204
Bug 23075: (follow-up) Dissallow transparent redirects

GET request redirects were causing the http URL to 'pass' our 'good url'
test for http => https redirected mana servers. However, on the
subsquent POST request to get a mana security token we would fail as the
POST was not transparently redirected.

This patch changes the request to be a simple_request so we will catch
bad urls earlier and it also prevents submissions for security tokens if
the configured URL is identified as bad.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Koha/SharedContent.pm
koha-tmpl/intranet-tmpl/prog/en/modules/admin/share_content.tt