https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37041
Jonathan Druart <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #9 from Jonathan Druart <[email protected]> --- There is something fundamentally wrong in the way we handle the session id. Which leads to this kind of problems. Should we consider setting the session id in the L1 (actually in the userenv) so that we could have access to the current session id. So if a new one has been generated and is different than the one in the cookie of the request we can access it easily? We would have then: check_cookie_auth( C4::context->{userenv}->{session_id}, $required_flags ); and not relying on CGI. Another way would be to trick CGI and replace HTTP_COOKIE env var. But this seems very hacky and certainly not something recommended. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
