https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31699
--- Comment #31 from David Cook <dc...@prosentient.com.au> --- At the moment, with Martin's patches, the following will generate a "ERR_INVALID_REDIRECT": http://localhost:8080/cgi-bin/koha/opac-user.pl?return=http://koha-community.org/test If I erase OPACBaseURL, then I get the open redirect vulnerability again. So now I'll add a patch... -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/