<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Oct 3, 2013 at 3:43 PM, Michal Čihař <span dir="ltr"><<a href="mailto:michal@cihar.com" target="_blank">michal@cihar.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi<br>
<br>
Dne Thu, 3 Oct 2013 15:34:16 +0200<br>
Mohamed Ashraf <<a href="mailto:mohamed.ashraf.213@gmail.com">mohamed.ashraf.213@gmail.com</a>> napsal(a):<br>
<div class="im"><br>
> yes normally it is but during logout the token is reset multiple times and<br>
> is changed after the page is loaded somewhere so when the<br>
> get_scripts.js.php is being fetched an old and invalid token is used thus<br>
> the page is not displayed.<br>
><br>
> here is what happens:<br>
> 1 - the logout page is requested,<br>
> 2 - token is reset since the user is not logged in<br>
> 3 - then the html is created to load the get_scripts file using this new<br>
> token which is correct<br>
> 4 - some time after this the token is reset again. I dont know where this<br>
> happens. I output the token in the end of the response class response<br>
> method and it is still the same.<br>
> 5 - the request to the get_script file is made using the old token which is<br>
> rejected<br>
<br>
</div>I don't see need to load anything from common.inc or do token protection<br>
on get_script, please comment:<br>
<br>
<a href="https://github.com/phpmyadmin/phpmyadmin/pull/729" target="_blank">https://github.com/phpmyadmin/phpmyadmin/pull/729</a></blockquote><div>I didnt realize that we removed js minification entirely. Since we actually stopped minifying files I no longer need to access the config. This should work perfectly</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
<div class="HOEnZb"><div class="h5"><br>
--<br>
Michal Čihař | <a href="http://cihar.com" target="_blank">http://cihar.com</a> | <a href="http://blog.cihar.com" target="_blank">http://blog.cihar.com</a><br>
</div></div><br>------------------------------------------------------------------------------<br>
October Webinars: Code for Performance<br>
Free Intel webinars can help you accelerate application performance.<br>
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from<br>
the latest Intel processors and coprocessors. See abstracts and register ><br>
<a href="http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk" target="_blank">http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk</a><br>_______________________________________________<br>
Phpmyadmin-devel mailing list<br>
<a href="mailto:Phpmyadmin-devel@lists.sourceforge.net">Phpmyadmin-devel@lists.sourceforge.net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel" target="_blank">https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Mohamed Ashraf
</div></div>