https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36094
--- Comment #35 from David Cook <[email protected]> --- (In reply to Jonathan Druart from comment #34) > We don't have cud-, requiring POST, or whatever. The curl command from > comment 17 is still valid, everybody can request it. I don't think cud- applies for the /svc API - at least not the original one. As for requiring POST and comment 17 for /svc/authentication... that's a good point but that is more so an issue with check_api_auth() and changing that has wide-reaching consequences beyond /svc. As for /svc/bib, /svc/new_bib, and /svc/import_bib, they already require POSTs, so they should be fine (not withstanding the same issue with being able to login using a GET via check_api_auth()). -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
