git.koha-community.org Git - koha.git/commit

author	David Cook <dcook@prosentient.com.au>
	Tue, 1 Aug 2023 06:56:23 +0000 (06:56 +0000)
committer	Fridolin Somers <fridolin.somers@biblibre.com>
	Wed, 27 Sep 2023 07:29:27 +0000 (21:29 -1000)
commit	649c9785f59886415fc3970197a6a476cf3142ae
tree	9a10ae8b5ab9402bd9ae9f2a4bcb825ca6af69d1	tree \| snapshot
parent	acf91323c5253db5058812628bca58193054c65b	commit \| diff

Bug 34369: Require CSRF token for updating system preferences

This patch adds the requirements that updating a system preference
requires a CSRF token. (Also, adding and deleting local system preferences.)

0. Apply patch
1. koha-plack --reload kohadev
2. Add local system preference
3. Update local system preference
4. Delete local system preference
5. Update normal system preference
6. Note no errors

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit c6ef2aba6bf93b3f17b57b384859edee54f99a72)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

admin/preferences.pl		diff \| blob \| history
admin/systempreferences.pl		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/systempreferences.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/js/pages/preferences.js		diff \| blob \| history
svc/config/systempreferences		diff \| blob \| history