https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38463

Emily Lamancusa (emlam) <emily.lamanc...@montgomerycountymd.gov> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #174637|0                           |1
        is obsolete|                            |

--- Comment #3 from Emily Lamancusa (emlam) 
<emily.lamanc...@montgomerycountymd.gov> ---
Created attachment 174759
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=174759&action=edit
Bug 38463: Unnecessary CSRF token in OPAC authority search

Bug 37069 correctly changed OPAC authority searches from a POST to a GET, but
forgot to remove the CSRF token that is only needed for a POST, so now it
clutters up the URL by making the first 107 characters of the query string
meaningless.

Test plan:
 1. Without the patch, in the OPAC, go to Authority search
 2. Change the dropdowns to non-default values so you have meaningful search
    conditions, and search for something that will return results, like
    Topical Term/starts with/a/in any heading/Heading descendant
 3. Copy the URL of your search results, paste it in an email compose window,
    look at what you just pasted and wonder whether that big opaque string is
    actually safe to send to a coworker. Go to lunch. Come back and wonder
    what you searched for, and look at the URL in the browser to try to tell
 4. Apply patch, click the browser back button, reload the page, search again
 5. Copy and paste the URL, notice it looks fine to send, just a search. Look
    at the URL in the browser address bar, notice that within the limits of
    your window size, you can see what you searched for

Sponsored-by: Chetco Community Public Library
Signed-off-by: David Nind <da...@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamanc...@montgomerycountymd.gov>

-- 
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

Reply via email to