From 8f5782cf705abdac40c4f13f32e1830319f7137e Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Tue, 20 Feb 2024 10:09:25 +0100 Subject: [PATCH] Bug 36102: Do not keep op and csrf_token in param list after login - OPAC Signed-off-by: Jonathan Druart --- C4/Auth.pm | 2 ++ 1 file changed, 2 insertions(+) diff --git a/C4/Auth.pm b/C4/Auth.pm index 879a7c8131..5ab3249900 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -1389,6 +1389,8 @@ sub checkauth { $uri->query_param_delete('userid'); $uri->query_param_delete('password'); $uri->query_param_delete('koha_login_context'); + $uri->query_param_delete('op'); + $uri->query_param_delete('csrf_token'); unless ( $params->{do_not_print} ) { print $query->redirect( -uri => $uri->as_string, -cookie => $cookie, -status => '303 See other' ); safe_exit; -- 2.39.5