[Koha-bugs] [Bug 32385] OPAC and staff (intranet) should not share the same session and cookie
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Apr 24 01:27:57 CEST 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32385
--- Comment #2 from David Cook <dcook at prosentient.com.au> ---
Something else to keep in mind is cookie authentication for the REST API
interface via the staff interface and OPAC.
Maybe this is an opportunity to switch away from "CGISESSID" to more
Koha-specific cookie names.
There are over 200 references to CGISESSID in the code, although to lessen the
work we could just change the cookie name for the OPAC. That would involve
fewer script changes. Auth.pm would need an update at a minimum though.
If someone is willing to do the work, I suppose there's no reason not to...
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list