https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41662
--- Comment #15 from Andreas Jonsson <[email protected]> --- Sorry for not paying attention to this issue, but only look att the op parameter as this requires that this validation is made in checkauth: # FIXME This is only needed for scripts not using plack my $op = $query->param('op'); if ( defined $op && $op =~ m{^cud-} ) { die "Cannot use GET for this request" if $request_method eq 'GET'; } The comment suggest that this check may be removed at some point. Wouldn't it be safer to validate the method directly? - if ( $op && $op eq 'cud-save' ) { + if ( uc $query->request_method eq 'POST' ) { -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
