[Koha-bugs] [Bug 9401] New: Javascript used for tags handling wants access to CGISESSID cookie
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Jan 16 06:07:19 CET 2013
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9401
Bug ID: 9401
Summary: Javascript used for tags handling wants access to
CGISESSID cookie
Classification: Unclassified
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: minor
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: gmcharlt at gmail.com
Reporter: gmcharlt at gmail.com
Some Javascript used for processing bib record tags in the OPAC and staff
interface wants to read the value of the CGISESSID cookie. If it actually
needed to, that would be a blocker to making the session cookie be httpOnly
(see bug 9102). Fortunately, as it doesn't actually need to know the session
key, it suffices to remove the offending code.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list