Hi, it seems that my fix [0] is causing a problem [1] on some servers (including our demo server). However I am unable to reproduce the problem.
There is a style element (cfs-style) that sets the whole page to display:none. Then, we are loading (conditionally) js/cross_framing_protection.js that is supposed to remove this element but on the problematic servers, this script (and other dynamic js scripts) are not loaded.
I tried with $cfg['AllowThirdPartyFraming'] set to the default false and also to true.
Does someone have a hint?
[0] https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac0...
[1] https://sourceforge.net/p/phpmyadmin/bugs/4539/
Marc Delisle a écrit :
Hi, it seems that my fix [0] is causing a problem [1] on some servers (including our demo server). However I am unable to reproduce the problem.
There is a style element (cfs-style) that sets the whole page to display:none. Then, we are loading (conditionally) js/cross_framing_protection.js that is supposed to remove this element but on the problematic servers, this script (and other dynamic js scripts) are not loaded.
I tried with $cfg['AllowThirdPartyFraming'] set to the default false and also to true.
Does someone have a hint?
[0] https://github.com/phpmyadmin/phpmyadmin/commit/33b39f9f1dd9a4d27856530e5ac0...
This happens because of a mishap when releasing the three security versions on 2014-09-13. Those who are running from the STABLE branch should delete this branch and recreate it.
-
Marc Delisle