[Koha-bugs] [Bug 38030] stocknumberAV.pl fails with CSRF protection

Mon, 21 Oct 2024 17:43:37 -0700 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38030

David Cook <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #172238|0                           |1
        is obsolete|                            |

--- Comment #6 from David Cook <[email protected]> ---
Created attachment 173086
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=173086&action=edit
Bug 38030: stocknumberAV.pl fails with CSRF protection

The value builder stocknumberAV.pl does not work after applying the CSRF
protection. In console, it generates entries like:

POST
http://localhost:8081/cgi-bin/koha/cataloguing/plugin_launcher.pl
[HTTP/1.1 403 Forbidden 188ms]

Test plan:
==========
1. Modify the MARC bibliographic framework for the default framework by
   choosing stocknumberAV.pl as plugin for subfield 952 $i.
2. In Authorized values, add a new category 'INVENTORY'.  Add a new
   entry there, e.g. 'ABC', with any number in Description (eg. 123).
3. Find any bibliographic record, make sure it uses the default framework.
   If not set the framework accordingly.
4. Edit an item linked to this record.  Go to the 'i - Inventory number'
   subfield.  You should see three dots on the right.  In the input field
   put ABC and click the three dots.
5. Nothing happens.  You can check in the browser console--there should
   be a message like:
   POST http://FQDN:8081/cgi-bin/koha/cataloguing/plugin_launcher.pl
   [HTTP/1.1 403 Forbidden 188ms]
6. Apply the patch; restart_all.  Refresh the browser window.
7. Repeat p. 4.  You should now get the next sequence number next to
   the 'ABC' (i.e. ABC 0000000124 or similar).

Sponsored-by: Ignatianum University in Cracow
Signed-off-by: Roman Dolny <[email protected]>
Signed-off-by: David Cook <[email protected]>

-- 
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

Reply via email to