[Koha-bugs] [Bug 14407] New: Basic access restrictions for web-based self-checkout
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Jun 18 10:34:42 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14407
Bug ID: 14407
Summary: Basic access restrictions for web-based self-checkout
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Self checkout
Assignee: koha-bugs at lists.koha-community.org
Reporter: vanoudt at gmail.com
QA Contact: testopia at bugs.koha-community.org
Web-based self-checkout is fantastic. But it'd be nice to have it a bit more
locked down. Currently, anyone who knows/can guess the right URL can access it,
even from offsite. I have a proof of concept hack, soon to be a patch, that
fixes this.
The hack, at the top of the sco*.pl files, something like
my $restricttoip = '192.168.1.30';
unless ($restricttoip eq $ENV{'REMOTE_ADDR'}) {
print $query->redirect("/cgi-bin/koha/opac-main.pl");
exit;
}
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list