https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=40980
--- Comment #5 from Pedro Amorim <[email protected]> --- (In reply to Marcel de Rooy from comment #4) > Please explain the relation of this otor with op=cud-login ? Hi Marcel yes, of course, this is what I shared with my colleagues internally when diagnosing/fixing this issue almost 2 months ago: op=cud-login is always POSTed when logging in, but because for ElasticSearch an op may be AND OR or NOT it adds it to the facet link, thus causing it to be added to the URL as GET and causing the error. This is my fix for now, but there may be a better approach. ------ Upon looking at it again, my analysis remains the same, but I'll explain again phrasing it differently. 'op' is a param that ElasticSearch considers for building the search query (AND, OR or NOT), but 'op' is also what we use for POST cud-login (and other form submissions). With the above in mind, in Koha, when we're logged out and attempt to access a URL with a GET parameter, e.g. http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=19. We're prompted to login, and after login we're brought to the borrowernumber 19 page, but if we look at the URL, we see that it looks like this: http://localhost:8081/cgi-bin/koha/circ/circulation.pl. This means borrowernumber=19 was passed onto circulation.pl as a POST parameter, not as GET. This is what I think is happening to the ElasticSearch issue above, op='cud-login' is passed to search.pl as a POST param (can be confirmed by the network browser tab) which then causes the following code in facets.inc to add the op=cud-login to the facet link as a GET param: [% SET url = "/cgi-bin/koha/catalogue/search.pl?" _ query_cgi _ limit_cgi %] Because query_cgi contains the problematic op=cud-login, seemingly not distinguishing between GET and POST params, if it matters here at all. I've explained the issue the best I can (and to the best of my knowledge), and I'm happy to discuss my patch further and/or other alternative patches. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
