git.koha-community.org Git - koha.git/commit

author	David Cook <dcook@prosentient.com.au>
	Tue, 1 Aug 2023 06:56:23 +0000 (06:56 +0000)
committer	Tomas Cohen Arazi <tomascohen@theke.io>
	Mon, 25 Sep 2023 21:18:40 +0000 (18:18 -0300)
commit	c6ef2aba6bf93b3f17b57b384859edee54f99a72
tree	01a60c776bd6df4cac9cc0ca671f7d38edbdd15c	tree \| snapshot
parent	4e32b761986f5de28df4f1125b5d16c6c2f24306	commit \| diff

Bug 34369: Require CSRF token for updating system preferences

This patch adds the requirements that updating a system preference
requires a CSRF token. (Also, adding and deleting local system preferences.)

0. Apply patch
1. koha-plack --reload kohadev
2. Add local system preference
3. Update local system preference
4. Delete local system preference
5. Update normal system preference
6. Note no errors

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

admin/preferences.pl		diff \| blob \| history
admin/systempreferences.pl		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/systempreferences.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/js/pages/preferences.js		diff \| blob \| history
svc/config/systempreferences		diff \| blob \| history