https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29543
--- Comment #57 from Marcel de Rooy <[email protected]> --- (In reply to Jonathan Druart from comment #55) > (In reply to Marcel de Rooy from comment #50) > > Why dont you pass the session cookie? > > You could pass something like [ $cookie1, $cookie2 ] ? > > I think CGISESSID is in the CGI object already. Cookies need to be sent out. If they have changed, they will only be updated at client side when you sent them explicitly to the output subs. output_html_with_http_headers and friends actually assume that it is the authentication cookie; so you are cheating here. > (In reply to Marcel de Rooy from comment #53) > > Iiuc JWT is not encrypted. So this may be a bit more secure, but could be > > improved. > > It is encoded using a secret, see Koha::Token::_gen_jwt OK. It is bit hidden but I found it in the _default_params sub. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
