https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39435
Marcel de Rooy <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #34 from Marcel de Rooy <[email protected]> --- Implemented the middleware approach now. Had some struggles with Koha::Token and the CSRF middleware class. Instead of passing an undefined session (scalar on no cookie), I am passing the default session id used in Koha::Token. When removing the returns on a false but defined session, this should effectively remove the need for the second check in a row in check_csrf added on 36102. This explains the small changes in Koha::Token and Middleware::CSRF. While testing, the browser cache sometimes got in the way. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
