https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37407
--- Comment #6 from David Cook <[email protected]> --- (In reply to Donna from comment #5) > I think the checkout should be automatic, since that is the behavior now. If the checkout were to be automatic, it would have to be done on the additem.pl page, which is going to come with a number of issues and take a lot more work. With the redirect, as Brendan says, automatic checkout would be a CSRF vulnerability. An alternative to Brendan's patch would be for additem.pl to not redirect to circulation.pl, but rather to show a new confirmation asking if they wanted to checkout. They'd then click confirm, and that would POST back to circulation.pl. But either way the user is going to have an extra click without a significant. I think this is a pretty good compromise. At least for now. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
