Branch: refs/heads/master
Home:
https://github.com/phpmyadmin/phpmyadmin
Commit: 17b85ab50ca10dab96ee49153185eaffbe8216f8
https://github.com/phpmyadmin/phpmyadmin/commit/17b85ab50ca10dab96ee4915318…
Author: Tazo Todua <tazotodua(a)gmail.com>
Date: 2018-10-24 (Wed, 10 October 2018) -03:00
Changed paths:
M libraries/classes/Header.php
Log Message:
-----------
Improve AllowThirdPartyFraming configuration (#14688)
The only correct way to check the frame-options. The existing version was incorrect. Even
setting to value to "blabla", it bypassed the ! check in php. So, at first, it
should be checked if the "sameorigin" is value, and after that, everything other
than true should DENY the frame.
Signed-off-by: Tazo Todua <tazotodua(a)gmail.com>