https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31699
--- Comment #32 from David Cook <[email protected]> --- (In reply to David Cook from comment #31) > If I erase OPACBaseURL, then I get the open redirect vulnerability again. Worth noting that this affects only logged in users. The redirect code won't trigger for anonymous users, since we short-circuit opac-user.pl for anonymous users and prompt with a regular login box. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
