Dear Team,
During a recent software scan, it was observed that the CSRF token is
missing from both the headers and cookies of koha application.
Could you confirm if it is feasible to configure koha application to
include the CSRF token in both the headers and cookies? If yes, could
you provide guidance or recommended practices for implementing this
configuration?
Secondly Is it possible to restrict the input of special characters in
the Patron module, specifically for fields like the Patron Name?
Regards,
Vikram Zadgaonkar
_______________________________________________
Koha mailing list http://koha-community.org
Koha@lists.katipo.co.nz
Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
