19 Jun
2026
19 Jun
'26
5:12 a.m.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42876 --- Comment #5 from David Cook <dcook@prosentient.com.au> --- So having just one CSRF token for the session would be interesting, but it is worth noting that printing this same token in the HTML could lead to a breach attack, which is why libraries will typically mask the token value so that it's not repeatable across multiple requests: https://metacpan.org/pod/WWW::CSRF https://docs.djangoproject.com/en/6.0/howto/csrf/ -- You are receiving this mail because: You are watching all bug changes.