http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8155
Priority: P5 - low
Change sponsored?: Sponsored
Bug ID: 8155
Assignee: [email protected]
Summary: Comply with UK Electronic Commerce (EC Directive)
Regulations 2002
Severity: critical
Classification: Unclassified
OS: All
Reporter: [email protected]
URL: http://opac/
Hardware: All
Status: ASSIGNED
Version: unspecified
Component: OPAC
Product: Koha
The full details are on
http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx
but as I understand it we need a way to avoid setting any cookies on the OPAC
until the user has been warned and consented.
I intend to destroy the session and cookie in C4::Auth::get_template_and_user()
just before it is sent back to the OPAC, as long as no cookie-using features
are enabled; and to add a small notice to the OPAC login forms.
I am marking this as critical because it means Koha should not be used in the
UK (arguably the whole EU) in public until this bug is fixed. Koha admins
should ensure that a cookie notification is included in their staff user
agreements/policies, to cover the intranet interface. (You can also do that if
your OPAC is not public, rather than apply this fix.)
A patch, sponsored by software.coop, will be along shortly.
--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
