[Koha-bugs] [Bug 36349] Login for SCO/SCI broken by CSRF

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Mon Mar 18 17:30:51 CET 2024


https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36349

--- Comment #1 from Nick Clemens <nick at bywatersolutions.com> ---
Created attachment 163356 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=163356&action=edit
Bug 36349: Make sure CSRF token is included for all login scenarios

To test:
1 - In KTD visit:
    http://localhost:8080/cgi-bin/koha/sci/sci-main.pl
2 - Everything should be set for auto self check user etc, just log in as a patron
    If not (or not using KTD) set up a self check user, enable SCO and SCI, set self check patron system preferences, then log in with patron
3 - 403 Error
4 - Repeat with sco:
    http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
5 - Apply patch, restart all
6 - Try again, both should be successful
