[Koha-bugs] [Bug 34650] Editing/deleting lists from toolbar on virtualshelves/shelves.pl causes CSRF error
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Aug 30 02:33:30 CEST 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34650
--- Comment #6 from David Cook <dcook at prosentient.com.au> ---
Created attachment 154934
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=154934&action=edit
Bug 34650: Convert list toolbar delete into form POST
This patch adds a HTML form with a CSRF token to POST the list delete,
which is triggered by a click handler on the A element. The A element
is still needed for existing style reasons.
Test plan:
0. Apply patch
1. koha-plack --reload kohadev
2. In the staff interface, add a list
3. Go into that list (e.g. virtualshelves/shelves.pl?op=view&shelfnumber=X)
4. From the toolbar click the "Edit" dropdown
5. From the dropdown try either "Edit list" or "Delete list"
6. Note no CSRF error and operation completes as expected
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list