https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36681
Bug ID: 36681
Summary: CSRK_TOKEN header should be named CSRF-TOKEN (hyphen
instead of underscore)
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
By default, nginx ignores invalid headers and header names containing
underscores are considered invalid
https://nginx.org/en/docs/http/ngx_http_core_module.html#ignore_invalid_headers
https://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers
Changing the underscore to an hyphen would allow to keep the default nginx
configuration
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
