[Koha-bugs] [Bug 36351] CSRF Adjustments for Cataloguing editor

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36351

Jonathan Druart <jonathan.druart at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #163364|0                           |1
        is obsolete|                            |

--- Comment #3 from Jonathan Druart <jonathan.druart at gmail.com> ---
Created attachment 163387
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=163387&action=edit
Bug 36351: Add CSRF tokens to advanced cataloguing editor POST requests

The editor uses ajax post requests to SVC api.
Becuase these apis are XML based requests, they must be handled in the simplest
way, by
embedding the token as a header

To test:
1 - Browse to Cataloguing->Advanced editor
2 - Fill out needed values and save
3 - 403 error
4 - Apply patch
5 - Reload and try agian, success!
6 - Edit and save again, success!

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.