git.koha-community.org Git - koha.git/commit

author	Phil Ringnalda <phil@chetcolibrary.org>
	Thu, 19 Sep 2024 02:41:50 +0000 (19:41 -0700)
committer	Katrin Fischer <katrin.fischer@bsz-bw.de>
	Fri, 27 Sep 2024 16:00:31 +0000 (18:00 +0200)
commit	66eabead5f9a2041c864da197deed38733ffefef
tree	a057aa636c91de6ffdf66e1fec656ea38decd006	tree \| snapshot
parent	4c89e69821eb8da284f0df32351bf59307b33e6e	commit \| diff

Bug 37979: Toggling item circulation alerts table cells needs to send csrf_token

When you click on a cell in the Item circulation alerts table, the page sends
a POST to /cgi-bin/koha/admin/item_circulation_alerts.pl without including a
csrf_token, which gets back a 403 error because that's sketchy behavior. It
needs to include the token.

Test plan:
1. Administration - Item circulation alerts
2. Open the browser devtools to the console
3. Click on any green table cell
4. It should have turned red, but instead your console turned red with a 403
5. Apply patch, reload
6. Click on any green table cell, it will turn red

Sponsored-by: Chetco Community Public Library
https://bugs.koha-community.org/show_bug.cgi?id=37959
Signed-off-by: Jan Kissig <jkissig@th-wildau.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>