[Koha-bugs] [Bug 36349] Login for SCO/SCI broken by CSRF

bugzilla-daemon--- via Koha-bugs Tue, 19 Mar 2024 03:33:43 -0700

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36349


Jonathan Druart <jonathan.dru...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jonathan.dru...@gmail.com

--- Comment #3 from Jonathan Druart <jonathan.dru...@gmail.com> ---
We have a problem here.

We are removing the credential (login_userid and login_password from CGI) in
get_template_and_user if not a POST (and not op ne 'cud-login').

I am failing at finding a correct fix. Should we actually fix the
AutoSelfCheckAllowed behavior in sco-main.pl and deal with the credentials
retrieved from the prefs in the controller?

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 36349] Login for SCO/SCI broken by CSRF

Reply via email to