http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9401
--- Comment #1 from Galen Charlton <[email protected]> --- Created attachment 14617 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=14617&action=edit bug 9401: remove direct reads of CGISESSID cookie by JavaScript Having embedded JavaScript read the session cookie directly is unnecessary and prevents the CGISESSID cookie being marked httpOnly as a security measure. The only Koha JS attempting this was the AJAX tags code. To test: - In general, verify that there are no regression withs adding tags in the OPAC or reviewing them in the staff interface. - In specific, for the OPAC - log into the OPAC - retrieve a bib record - add a tag - refresh the bib details page to verify that the tag was added - make sure the TagsInputOnList syspref is on - perform a search - add a tag to more than one record from the search results page - repeat the preceding using the CCSR theme - And in the staff interface - Go to the review tags tool - Reject a tag - Refresh to verify that the tag was rejected Signed-off-by: Galen Charlton <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
