Great work! From: Koha-devel <koha-devel-boun...@lists.koha-community.org> On Behalf Of Nick Clemens via Koha-devel Sent: Friday, March 1, 2024 2:26 PM To: Koha Devel <koha-devel@lists.koha-community.org>; Koha <k...@lists.katipo.co.nz> Subject: [Koha-devel] Koha CSRF protection
Hello all! We have pushed the CSRF work from 34478 and related bugs today. We know there are more follow-ups needed, and have filed a series of bugs under an omnibus: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36192 We have a framapad where issues can be reported/found: https://annuel.framapad.org/p/koha_34478_remaining And we have bugs for each of the sections of the document. We need all developers to submit patches when they encounter issues, and for other users testing master to report found issues on the pad. Testers can report issues on the pad as well. There is a new coding guideline - all POSTs to forms in Koha will need to include a csrf token: https://wiki.koha-community.org/wiki/Coding_Guidelines#Security This has been a big work, many thanks to all involved, and there is still work to be done, but this is an important fix that we must do. You can reach out to me on IRC (kidclamp) or via email and I will do my best to help anyone contribute. Thanks, Nick -- Nick Clemens ByWater Solutions bywatersolutions.com<http://bywatersolutions.com/> Phone: (888) 900-8944 Pronouns: (he/him/his) Timezone: Eastern [https://docs.google.com/uc?export=download&id=1eLlHaKRZxg0CP6nlW7rG0J4qdtoIuoNr&revid=0B0ga69kSs543QWlEa3V4aGI4dFlXMlVQd0ZEbVY5dFBXQUk0PQ] Follow us: [https://docs.google.com/uc?export=download&id=1UU2Vj_xX_WgcBojhYbea9ck0TaLwoLky&revid=0B0ga69kSs543R2xUajk5MnF0VE9EcjhtSjZBc1R0YVpSL0NFPQ]<https://www.facebook.com/ByWaterSolutions/> [https://docs.google.com/uc?export=download&id=1SCTJQAzf1zB5c7NmTLQwtexAgNl4_jPC&revid=0B0ga69kSs543N0tKSG9ZRk55MXk2Qmt3TXJ2TE1Ca1g4T1hFPQ] <https://www.instagram.com/bywatersolutions/> [https://docs.google.com/uc?export=download&id=1zVkZyWeLDKyDM5RhOLMRHigl4VYN5j43&revid=0B0ga69kSs543eU9ZUVVyalFqNlVodEtZTmRSNElrQlV2MlhJPQ] <https://www.youtube.com/user/bywatersolutions> [https://docs.google.com/uc?export=download&id=1b9EkTbJHwpA_Lf4iKYdoSyIlxwyasLPq&revid=0B0ga69kSs543WWFieW52VkRpZEhkdGRjcXVBejBTZUltS0hrPQ] <https://twitter.com/ByWaterSolution>
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : https://www.koha-community.org/ git : https://git.koha-community.org/ bugs : https://bugs.koha-community.org/
