https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36152
--- Comment #9 from David Cook <[email protected]> --- Overall, I'd love to hear all the use cases I can for Javascript in Koha, so that I can design something that works for everyone. -- Locally, I've been thinking of disabling the *UserJS preferences, and moving the code from them into file system files. I'm still thinking about how to inject the '<script src=""></script>' tags though. I'd want it to be configuration driven. Since I work for a vendor, I can do this all on the file system. It would mean customers would need to request Javascript changes, which would increase friction, but it would increase system security (and stability). Alternatively, I've thought about keeping OpacUserJS, but restricting IntranetUserJS, although technically someone could exploit OpacUserJS to take over an admin account and then gain access to the staff interface by changing their password anyway (if they're not using MFA/SSO). More thinking to do... -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
