https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36349
David Cook <dc...@prosentient.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #163552|0 |1
is obsolete| |
--- Comment #27 from David Cook <dc...@prosentient.com.au> ---
Created attachment 164444
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=164444&action=edit
Bug 36349: Make sure CSRF token is included for all login scenarios
To test:
1 - In KTD visit:
http://localhost:8080/cgi-bin/koha/sci/sci-main.pl
2 - Everything should be set for auto self check user etc, just login
as a patron
If not (or not using KTD) setup a self check user, enable SCO and
SCI, set self check patron system preferences, then login with
patron
3 - 403 Error
4 - Repeat with sco:
http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
5 - Apply patch, restart all
6 - Try again, both should be successful
Signed-off-by: Owen Leonard <oleon...@myacpl.org>
Signed-off-by: David Cook <dc...@prosentient.com.au>
--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
