[Koha-bugs] [Bug 8155] New: Comply with UK Electronic Commerce (EC Directive) Regulations 2002
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri May 25 12:59:37 CEST 2012
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8155
Priority: P5 - low
Change sponsored?: Sponsored
Bug ID: 8155
Assignee: oleonard at myacpl.org
Summary: Comply with UK Electronic Commerce (EC Directive)
Regulations 2002
Severity: critical
Classification: Unclassified
OS: All
Reporter: mjr at software.coop
URL: http://opac/
Hardware: All
Status: ASSIGNED
Version: unspecified
Component: OPAC
Product: Koha
The full details are on
http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx
but as I understand it we need a way to avoid setting any cookies on the OPAC
until the user has been warned and consented.
I intend to destroy the session and cookie in C4::Auth::get_template_and_user()
just before it is sent back to the OPAC, as long as no cookie-using features
are enabled; and to add a small notice to the OPAC login forms.
I am marking this as critical because it means Koha should not be used in the
UK (arguably the whole EU) in public until this bug is fixed. Koha admins
should ensure that a cookie notification is included in their staff user
agreements/policies, to cover the intranet interface. (You can also do that if
your OPAC is not public, rather than apply this fix.)
A patch, sponsored by software.coop, will be along shortly.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list