git.koha-community.org Git - koha.git/commit

author	David Cook <dcook@prosentient.com.au>
	Tue, 1 Aug 2023 06:56:23 +0000 (06:56 +0000)
committer	Lucas Gass <lucas@bywatersolutions.com>
	Thu, 28 Sep 2023 16:06:05 +0000 (16:06 +0000)
commit	2cc819d58e2df971096328578f691097b02dab93
tree	906fa9bd13160d071f0bd39670e83edf8f5ff700	tree \| snapshot
parent	61452e7d3dc92395de56ca56f585c6f26ae3a81a	commit \| diff

Bug 34369: Require CSRF token for updating system preferences

This patch adds the requirements that updating a system preference
requires a CSRF token. (Also, adding and deleting local system preferences.)

0. Apply patch
1. koha-plack --reload kohadev
2. Add local system preference
3. Update local system preference
4. Delete local system preference
5. Update normal system preference
6. Note no errors

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>

admin/preferences.pl		diff \| blob \| history
admin/systempreferences.pl		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/en/modules/admin/systempreferences.tt		diff \| blob \| history
koha-tmpl/intranet-tmpl/prog/js/pages/preferences.js		diff \| blob \| history
svc/config/systempreferences		diff \| blob \| history