Bug 36084: Add CSRF token support to svc/authentication
author David Cook <dcook@prosentient.com.au>
Wed, 21 Feb 2024 06:17:50 +0000 (06:17 +0000)
committer Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 1 Mar 2024 10:00:51 +0000 (11:00 +0100)
commit 0fe82b601b4b06ce0e9fcc5ca677810886f26717
tree 9ffecb46dfc10bf51ec56fbc08aeaa48f00c158d
parent 61f1f88c5c871cf86138f81ed6f2e3db63b78d04
Bug 36084: Add CSRF token support to svc/authentication

GET svc/authentication will return a CSRF token in a response header

POST svc/authentication requires a CSRF token which can be sourced
from the response header of GET svc/authentication or some other
place like the meta element on an HTML page

Note: misc/migration_tools/koha-svc.pl is a simple script which
can be used to practically evaluate svc/authentication and svc/bib

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
C4/Auth.pm
misc/migration_tools/koha-svc.pl
svc/authentication