http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14407 Bug ID: 14407 Summary: Basic access restrictions for web-based self-checkout Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Self checkout Assignee: koha-bugs@lists.koha-community.org Reporter: vanoudt@gmail.com QA Contact: testopia@bugs.koha-community.org Web-based self-checkout is fantastic. But it'd be nice to have it a bit more locked down. Currently, anyone who knows/can guess the right URL can access it, even from offsite. I have a proof of concept hack, soon to be a patch, that fixes this. The hack, at the top of the sco*.pl files, something like my $restricttoip = '192.168.1.30'; unless ($restricttoip eq $ENV{'REMOTE_ADDR'}) { print $query->redirect("/cgi-bin/koha/opac-main.pl"); exit; } -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.