https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39435
--- Comment #26 from David Cook <[email protected]> --- I suppose the only problem with the plugin approach currently is the need to add it to the particular existing Koha code (e.g. C4::Auth and opac-export). That's where a Plack Middleware could be handy. But then if we let a web UI syspref point to a module which can interfere at the Plack Middleware level... that has security implications. We should probably validate the syspref value to something like "Koha::Plugin::BotChallenge::"... although I suppose all Koha plugins have security problems when they're added by end users. At this point, maybe we should look at a Plack middleware and a koha-conf.xml entry? Or even just a Plack middleware? It would require a sysadmin configuring things, but I don't think that's a bad thing. And maybe after we start proving some of these experimental things in production... we could then provide web users with a dropdown list of options? -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
