https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32713
Bug ID: 32713
Summary: x-koha-embed appears to no longer properly validate
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: REST API
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
We migrated x-koha-embed into properly specified header parameters in bug 30536
however it appears that the upstream validation of those headers has since
broken and we're now allowing open embed calls through from the API.
At best this can lead to server errors leaking, at worst it exposed methods
that should be private to the API.
We need to write some tests to catch this and possibly re-instate the in-koha
validation whilst the OpenAPI is updated.
See 8e1265c45ddfc53d4bcbfc51e25b297e3592daf4 for some further details.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
