[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Fridolin Somers changed: What|Removed |Added Blocks||36877 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36877 [Bug 36877] Patron card creator does not work when editing layout, profile or template -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Owen Leonard changed: What|Removed |Added Blocks||36883 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36883 [Bug 36883] Can't finish club enrollment in the OPAC -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Victor Grousset/tuxayo changed: What|Removed |Added Blocks||36863 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Owen Leonard changed: What|Removed |Added Blocks||36838 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36838 [Bug 36838] Can't approve or reject tags in the staff interface -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Pedro Amorim changed: What|Removed |Added Blocks||36683 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Brendan Lawlor changed: What|Removed |Added Blocks||36630 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36630 [Bug 36630] Item search batch operations buttons broken by CRSF -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Fridolin Somers changed: What|Removed |Added Blocks||36368 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36368 [Bug 36368] Cannot save new patron after error -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Fridolin Somers changed: What|Removed |Added Blocks||36351 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36351 [Bug 36351] CSRF Adjustments for Cataloguing editor -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Victor Grousset/tuxayo changed: What|Removed |Added Blocks||36577 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36577 [Bug 36577] (bug 34478 follow-up) marc21_linking_section.pl not working -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Emily Lamancusa changed: What|Removed |Added Blocks||36568 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36568 [Bug 36568] Changing rows per page on a custom report is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #194 from David Cook --- (In reply to David Cook from comment #185) > Although as I say that I'm finding more changes that need to be backported > to really support this... heh... Like koha-tmpl/intranet-tmpl/prog/js/file-upload.js uses XMLHttpRequest directly and doesn't do AJAX calls via jQuery. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Fridolin Somers changed: What|Removed |Added Blocks||36326 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36326 [Bug 36326] Batch deletion of selected items from detail page is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Fridolin Somers changed: What|Removed |Added Blocks||36336 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36336 [Bug 36336] Exporting records from detail page is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Tomás Cohen Arazi changed: What|Removed |Added Blocks||36384 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36384 [Bug 36384] 'Used saved' typo in guided reports -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Nick Clemens changed: What|Removed |Added Blocks||36349 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36349 [Bug 36349] Login for SCO/SCI broken by CSRF -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Katrin Fischer changed: What|Removed |Added Blocks||36274 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36274 [Bug 36274] OPAC suggestions form doesn't display -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #193 from Jonathan Druart --- *** Bug 30502 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Jonathan Druart changed: What|Removed |Added CC||anuragme...@gmail.com --- Comment #192 from Jonathan Druart --- *** Bug 23238 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #191 from Jonathan Druart --- *** Bug 34111 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #190 from Jonathan Druart --- *** Bug 23060 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #189 from Jonathan Druart --- *** Bug 22314 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Jonathan Druart changed: What|Removed |Added CC||amitddng...@gmail.com --- Comment #188 from Jonathan Druart --- *** Bug 19645 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #187 from Jonathan Druart --- *** Bug 35677 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 David Cook changed: What|Removed |Added Blocks||36195 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36195 [Bug 36195] CSRF - testing reports -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 David Cook changed: What|Removed |Added Blocks||36193 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36193 [Bug 36193] CSRF - Code review missed -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #186 from Fridolin Somers --- OK thanks for your comments. For the moment no backport -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #185 from David Cook --- (In reply to David Cook from comment #184) > (In reply to David Cook from comment #183) > > However, I have been thinking a bit about how to provide some protection to > > stable branches. > > I think my abbreviated anti-CSRF plus bug 33259 (when it's ready) would be > an OK compromise for stable branches. Although as I say that I'm finding more changes that need to be backported to really support this... heh... -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #184 from David Cook --- (In reply to David Cook from comment #183) > However, I have been thinking a bit about how to provide some protection to > stable branches. I think my abbreviated anti-CSRF plus bug 33259 (when it's ready) would be an OK compromise for stable branches. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #183 from David Cook --- (In reply to Fridolin Somers from comment #182) > Not for backport I bet ? I don't think that it would be possible to backport this one. However, I have been thinking a bit about how to provide some protection to stable branches. Locally, I've applied the following: - Bug 36098 (the Koha::Session patches) - Bug 34755: Backport Koha::Token change from bug 34478 - Bug 34478: Add csrf-token in meta I've created a middleware based off Koha::Middleware::CSRF and then using a mix of ideas from Marcel and myself, I've used Javascript to inject CSRF tokens into forms and Koha API calls. At the moment, I'm testing this on the OPAC, and then I'm going to look at the Staff Interface. I want to do some more thinking about how we can use "Strict" in the SameSite attribute for the CGISESSID cookie to cover off CSRF for GET requests as well. Less of a problem for 34478 because it fixes a lot of stateful GET requests, but for older versions... -- Long story short... it might be worth backporting just "Bug 34478: Add csrf-token in meta" for now. Maybe a new bug report for that? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 --- Comment #182 from Fridolin Somers --- Not for backport I bet ? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Bug 34478 depends on bug 36019, which changed state. Bug 36019 Summary: Dead code in tags/review https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36019 What|Removed |Added Status|Pushed to master|RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Bug 34478 depends on bug 36017, which changed state. Bug 36017 Summary: Dead code in admin/clone-rules https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36017 What|Removed |Added Status|Pushed to master|RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Victor Grousset/tuxayo changed: What|Removed |Added Blocks||36280 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36280 [Bug 36280] Viewing batch of staged records broken: CSRF token error -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Pedro Amorim changed: What|Removed |Added See Also||https://bugs.koha-community ||.org/bugzilla3/show_bug.cgi ||?id=36273 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Martin Renvoize changed: What|Removed |Added Blocks|36245 | Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36245 [Bug 36245] ILL - Custom backend form action is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Martin Renvoize changed: What|Removed |Added Blocks||36245 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36245 [Bug 36245] ILL - Custom backend form action is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Martin Renvoize changed: What|Removed |Added Blocks|36245 | Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36245 [Bug 36245] ILL - Custom backend form action is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Martin Renvoize changed: What|Removed |Added Blocks|36249 | Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36249 [Bug 36249] ILL - "Request from partners" action is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Pedro Amorim changed: What|Removed |Added Blocks||36249 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36249 [Bug 36249] ILL - "Request from partners" action is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Pedro Amorim changed: What|Removed |Added Blocks||36245 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36245 [Bug 36245] ILL - Custom backend form action is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Pedro Amorim changed: What|Removed |Added Blocks||36243 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36243 [Bug 36243] ILL "Edit request" action is broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Pedro Amorim changed: What|Removed |Added Blocks||36241 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36241 [Bug 36241] ILL Batches are broken -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Lucas Gass changed: What|Removed |Added Blocks||36237 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36237 [Bug 36237] Improve set-library UI after 34478 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Jonathan Druart changed: What|Removed |Added Blocks||36219 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36219 [Bug 36219] State parameter broken for OIDC/Oauth -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Jonathan Druart changed: What|Removed |Added Status|Passed QA |Pushed to master --- Comment #181 from Jonathan Druart --- Pushed to master for 24.05.00. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 34478] Full CSRF protection
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34478 Jonathan Druart changed: What|Removed |Added Status|ASSIGNED|Passed QA Group|Koha security | Product|Koha security |Koha Version(s)||24.05.00 released in|| Component|Koha|Architecture, internals, ||and plumbing QA Contact||testo...@bugs.koha-communit ||y.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/