Bug 33702: Prevent ILL requests to be modified by somebody else
Same as previous patch, but for 'update' and 'cancreq'.
We remove the redirect, but here we only want to focus on the security
fix.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Confirmed. Without this patch a patron can modify and cancel any ILL
request in the OPAC. With this patch the patron is redirected to the
404 page if modification or cancellation is attempted.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
projects / koha.git / commit