https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22522
--- Comment #84 from Victor Grousset/tuxayo <[email protected]> --- (In reply to Magnus Enger from comment #10) > This fixes a major security problem, I'm upping the importance and changing > the component from ILL to "REST API". Wow, I missed that. After a quick test I confirm that I can't do this (on 19.05 and 18.11): > Test plan: > 1. Without being logged in to Koha, access an endpoint directly (such as /api/v1/patrons/{patron_id}) > 2. Notice results are received (which is bad since we're not authenticated) -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
