ut an 'op' parameter, but will block a POST request with
>> an
>> 'op' parameter that does not start with 'cud-'.
>> It looks like we could get rid of this prefix check without losing
>> anything. What did I miss ?
>>
>> Le 04/03/2024 à 08:37, Marcel de Rooy via
l allow a
> >> POST
> >> request without an 'op' parameter, but will block a POST request with
> >> an
> >> 'op' parameter that does not start with 'cud-'.
> >> It looks like we could get rid of this prefix check without losing
> >> anything. W
March 1, 2024 2:26 PM
> *To:* Koha Devel ; Koha
>
> *Subject:* [Koha-devel] Koha CSRF protection
>
> Hello all!
>
> We have pushed the CSRF work from 34478 and related bugs today. We know
> there are more follow-ups needed, and have filed a series of bugs under
> an omnibus:
> It looks like we could get rid of this prefix check without losing
> anything. What did I miss ?
>
> Le 04/03/2024 à 08:37, Marcel de Rooy via Koha-devel a écrit :
> > Great work!
> >
> > *From:*Koha-devel *On
> > Behalf Of *Nick Clemens via Koha-devel
> >
t:* Friday, March 1, 2024 2:26 PM
*To:* Koha Devel ; Koha
*Subject:* [Koha-devel] Koha CSRF protection
Hello all!
We have pushed the CSRF work from 34478 and related bugs today. We know
there are more follow-ups needed, and have filed a series of bugs under
an omnibus:
https://bug
Great work!
From: Koha-devel On Behalf Of
Nick Clemens via Koha-devel
Sent: Friday, March 1, 2024 2:26 PM
To: Koha Devel ; Koha
Subject: [Koha-devel] Koha CSRF protection
Hello all!
We have pushed the CSRF work from 34478 and related bugs today. We know there
are more follow-ups needed
Congrats team!
El vie, 1 mar 2024 a las 10:26, Nick Clemens via Koha-devel (<
koha-devel@lists.koha-community.org>) escribió:
> Hello all!
>
> We have pushed the CSRF work from 34478 and related bugs today. We know
> there are more follow-ups needed, and have filed a series of bugs under an
>
Hello all!
We have pushed the CSRF work from 34478 and related bugs today. We know
there are more follow-ups needed, and have filed a series of bugs under an
omnibus:
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36192
We have a framapad where issues can be reported/found: