From 460a48cf6982de9650f2f9d726537898f96b4e9c Mon Sep 17 00:00:00 2001
From: Julian Maurice <julian.maurice@biblibre.com>
Date: Tue, 14 May 2024 09:34:31 +0200
Subject: [PATCH] Bug 36598: Add comments asking to keep both CSRF checks in
 sync

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
---
 Koha/App/Plugin/CSRF.pm | 2 ++
 Koha/Middleware/CSRF.pm | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/Koha/App/Plugin/CSRF.pm b/Koha/App/Plugin/CSRF.pm
index 01ecb3897d..5e487fb097 100644
--- a/Koha/App/Plugin/CSRF.pm
+++ b/Koha/App/Plugin/CSRF.pm
@@ -62,6 +62,8 @@ this case, no verification is done.
 
 =cut
 
+# If you need to update the logic here, please also update Koha::Middleware::CSRF
+
 sub register {
     my ( $self, $app, $conf ) = @_;
 
diff --git a/Koha/Middleware/CSRF.pm b/Koha/Middleware/CSRF.pm
index 29b1e1ae25..58e75c948e 100644
--- a/Koha/Middleware/CSRF.pm
+++ b/Koha/Middleware/CSRF.pm
@@ -20,6 +20,8 @@ use Modern::Perl;
 use parent qw(Plack::Middleware);
 use Plack::Response;
 
+# If you need to update the logic here, please also update Koha::App::Plugin::CSRF
+
 sub call {
     my ( $self, $env ) = @_;
     my $req = Plack::Request->new($env);
-- 
2.39.5