[open-ils-commits] [GIT] Evergreen ILS branch master updated. 787fc31935b60c5e35509f7a395be1e9815979f8

Evergreen Git git at git.evergreen-ils.org
Thu Aug 16 16:51:37 EDT 2012 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".

The branch, master has been updated
       via  787fc31935b60c5e35509f7a395be1e9815979f8 (commit)
      from  9b2262b277ff5ebb93093bf38a786424f5f19128 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 787fc31935b60c5e35509f7a395be1e9815979f8
Author: Dan Scott <dscott at laurentian.ca>
Date:   Sat Aug 4 10:26:25 2012 -0400

    TPAC locale picker: use POST instead of GET
    
    Users could (deliberately or not) change another's language
    preferences by sharing links with the "set_eg_locale" GET param given
    the locale picker's current behaviour. By switching to a POST param, we
    prevent this result from accidentally occurring.
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>
    Signed-off-by: Art Rhyno <art632000 at yahoo.ca>

diff --git a/Open-ILS/src/templates/opac/parts/locale_picker.tt2 b/Open-ILS/src/templates/opac/parts/locale_picker.tt2
index c3943a6..c81f1f1 100644
--- a/Open-ILS/src/templates/opac/parts/locale_picker.tt2
+++ b/Open-ILS/src/templates/opac/parts/locale_picker.tt2
@@ -1,7 +1,7 @@
 [%- IF ctx.locales.keys.size > 1;
     set_locale = CGI.param('set_eg_locale') || CGI.cookie('eg_locale');
 %]
-<form id="locale_picker_form" action="[% mkurl() %]">
+<form id="locale_picker_form" action="[% mkurl() %]" method="post">
     <label for="locale_picker">[% l("Language:") %]</label>
     [%- FOREACH param IN CGI.params(); -%]
         [%- NEXT IF param.key == 'set_eg_locale'; -%]

-----------------------------------------------------------------------

Summary of changes:
 .../src/templates/opac/parts/locale_picker.tt2     |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
Evergreen ILS

More information about the open-ils-commits mailing list