git.koha-community.org Git - koha.git/commit

author	Phil Ringnalda <phil@chetcolibrary.org>
	Thu, 19 Sep 2024 02:41:50 +0000 (19:41 -0700)
committer	Lucas Gass <lucas@bywatersolutions.com>
	Wed, 9 Oct 2024 20:00:06 +0000 (20:00 +0000)
commit	efd54c2bd6b04f5a282054ca811d830e5b84c75b
tree	a97ade1c9e77b457d0147672c4e482b23f7f90e8	tree \| snapshot
parent	60003f014e00cf2c4dae272983b3ad8af044ff69	commit \| diff

Bug 37979: Toggling Item circulation alerts table cells needs to send csrf_token

When you click on a cell in the Item circulation alerts table, the page sends
a POST to /cgi-bin/koha/admin/item_circulation_alerts.pl without including a
csrf_token, which gets back a 403 error because that's sketchy behavior. It
needs to include the token.

Test plan:
1. Administration - Item circulation alerts
2. Open the browser devtools to the console
3. Click on any green table cell
4. It should have turned red, but instead your console turned red with a 403
5. Apply patch, reload
6. Click on any green table cell, it will turn red

Sponsored-by: Chetco Community Public Library
https://bugs.koha-community.org/show_bug.cgi?id=37959
Signed-off-by: Jan Kissig <jkissig@th-wildau.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>