[open-ils-commits] [GIT] Evergreen ILS branch rel_2_3 updated. 9a5b83b46dcf8bbcdc8d61d437191144a4bcbc6c

Evergreen Git git at git.evergreen-ils.org
Thu Aug 16 16:52:06 EDT 2012 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".

The branch, rel_2_3 has been updated
       via  9a5b83b46dcf8bbcdc8d61d437191144a4bcbc6c (commit)
      from  fc568aaaeaa6c429690c2ed6028aa3c5811c0424 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9a5b83b46dcf8bbcdc8d61d437191144a4bcbc6c
Author: Dan Scott <dscott at laurentian.ca>
Date:   Sat Aug 4 10:26:25 2012 -0400

    TPAC locale picker: use POST instead of GET
    
    Users could (deliberately or not) change another's language
    preferences by sharing links with the "set_eg_locale" GET param given
    the locale picker's current behaviour. By switching to a POST param, we
    prevent this result from accidentally occurring.
    
    Signed-off-by: Dan Scott <dscott at laurentian.ca>
    Signed-off-by: Art Rhyno <art632000 at yahoo.ca>

diff --git a/Open-ILS/src/templates/opac/parts/locale_picker.tt2 b/Open-ILS/src/templates/opac/parts/locale_picker.tt2
index c3943a6..c81f1f1 100644
--- a/Open-ILS/src/templates/opac/parts/locale_picker.tt2
+++ b/Open-ILS/src/templates/opac/parts/locale_picker.tt2
@@ -1,7 +1,7 @@
 [%- IF ctx.locales.keys.size > 1;
     set_locale = CGI.param('set_eg_locale') || CGI.cookie('eg_locale');
 %]
-<form id="locale_picker_form" action="[% mkurl() %]">
+<form id="locale_picker_form" action="[% mkurl() %]" method="post">
     <label for="locale_picker">[% l("Language:") %]</label>
     [%- FOREACH param IN CGI.params(); -%]
         [%- NEXT IF param.key == 'set_eg_locale'; -%]

-----------------------------------------------------------------------

Summary of changes:
 .../src/templates/opac/parts/locale_picker.tt2     |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


hooks/post-receive
-- 
Evergreen ILS

More information about the open-ils-commits mailing list