From 8f5782cf705abdac40c4f13f32e1830319f7137e Mon Sep 17 00:00:00 2001
From: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Date: Tue, 20 Feb 2024 10:09:25 +0100
Subject: [PATCH] Bug 36102: Do not keep op and csrf_token in param list after
 login - OPAC

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
---
 C4/Auth.pm | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 879a7c8131..5ab3249900 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -1389,6 +1389,8 @@ sub checkauth {
             $uri->query_param_delete('userid');
             $uri->query_param_delete('password');
             $uri->query_param_delete('koha_login_context');
+            $uri->query_param_delete('op');
+            $uri->query_param_delete('csrf_token');
             unless ( $params->{do_not_print} ) {
                 print $query->redirect( -uri => $uri->as_string, -cookie => $cookie, -status => '303 See other' );
                 safe_exit;
-- 
2.39.5