]> git.koha-community.org Git - koha.git/commit
projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2169d77) | patch
Bug 36349: Make sure CSRF token is included for all login scenarios
authorNick Clemens <nick@bywatersolutions.com>
Mon, 18 Mar 2024 16:27:58 +0000 (16:27 +0000)
committerKatrin Fischer <katrin.fischer@bsz-bw.de>
Fri, 5 Apr 2024 09:51:07 +0000 (11:51 +0200)
commit5300bcd57458f9d39b376ad02d20903ce727e8db
tree9d6c4d96f60207c732a81d85cbb5c39a1fe5774dtree | snapshot
parent2169d774c14d3ecb1d34464f3a5faa7cb812e75dcommit | diff
Bug 36349: Make sure CSRF token is included for all login scenarios

To test:
1 - In KTD visit:
    http://localhost:8080/cgi-bin/koha/sci/sci-main.pl
2 - Everything should be set for auto self check user etc, just login
    as a patron
    If not (or not using KTD) setup a self check user, enable SCO and
    SCI, set self check patron system preferences, then login with
    patron
3 - 403 Error
4 - Repeat with sco:
    http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
5 - Apply patch, restart all
6 - Try again, both should be successful

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth.tt diff | blob | history
Main Koha release repository