https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37060
--- Comment #14 from Jan Kissig <[email protected]> --- Hi there, I tried to implement what David said but somehow the authenticated cookie and the CRSF-token are bound together, and when I loose that token (but keep the session), there seems no chance of getting a valid token again. Wiki says: If you lose it for whatever reason, you can get a new Csrf-Token by using your authenticated cookie and sending a GET to /cgi-bin/koha/svc/authentication like you did in the first step. --- The token I received by GET /cgi-bin/koha/svc/authentication will always throw "wrong_csrf_token" so I build a workaround by logging out if GET /cgi-bin/koha/svc/authentication returns a valid session (<status>ok</status>) I uploaded a fixed version to https://gitlab.com/bibliothekTHWildau/koct-webext as I don't know if a pull request would work as I have no account on your git server. If someone wants to try with firefox (I used a german firefox , so maybe the naming is a bit different): - go to addons and themes - click the cog wheel and debug addons - load temporary add on - navigate to the downloaded extension and double click manifest.json -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
