Branch: refs/heads/master Home: https://github.com/phpmyadmin/phpmyadmin Commit: 240b8332db53dedc27baeec5306dabad3bdece3b https://github.com/phpmyadmin/phpmyadmin/commit/240b8332db53dedc27baeec5306d... Author: Michal Čihař mcihar@suse.cz Date: 2013-07-29 (Mon, 29 Jul 2013)
Changed paths: M doc/config.rst A js/cross_framing_protection.js M libraries/Header.class.php M libraries/Scripts.class.php M libraries/config.default.php M libraries/config/messages.inc.php M libraries/config/setup.forms.php
Log Message: ----------- Readd AllowThirdPartyFraming option
We want by default no framing of phpMyAdmin, but still some sites might need to embed it, so configuration option (with appropriate security warning) is there.
This basically reverts d7e0bed28443e6cf8f41965cc2f27be19c667fa6.
Commit: 24d0eb55203b029f250c77d63f2900ffbe099e8b https://github.com/phpmyadmin/phpmyadmin/commit/24d0eb55203b029f250c77d63f29... Author: Michal Čihař mcihar@suse.cz Date: 2013-07-29 (Mon, 29 Jul 2013)
Changed paths: M js/cross_framing_protection.js M libraries/Header.class.php
Log Message: ----------- Improved protection against cross framing
We now include CSS to hide the page and display it conditionally after checking we're in top frame. This adds extra protection for clients who do not support X-Frame-Options.
See also http://en.wikipedia.org/wiki/Framekiller and https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
Commit: f08ff304f9cbe082a76727ff125580af8efc8f91 https://github.com/phpmyadmin/phpmyadmin/commit/f08ff304f9cbe082a76727ff1255... Author: Michal Čihař mcihar@suse.cz Date: 2013-07-29 (Mon, 29 Jul 2013)
Changed paths: M doc/config.rst A js/cross_framing_protection.js M libraries/Header.class.php M libraries/Scripts.class.php M libraries/config.default.php M libraries/config/messages.inc.php M libraries/config/setup.forms.php
Log Message: ----------- Merge branch 'MAINT_4_0_5' into QA_4_0
Commit: c3fa3233115ee8022c1287cb3da07e67eced69c1 https://github.com/phpmyadmin/phpmyadmin/commit/c3fa3233115ee8022c1287cb3da0... Author: Michal Čihař mcihar@suse.cz Date: 2013-07-29 (Mon, 29 Jul 2013)
Changed paths: M import.php M libraries/import.lib.php
Log Message: ----------- Merge branch 'QA_4_0' of github.com:phpmyadmin/phpmyadmin into QA_4_0
Commit: 5c51f4fecb3d2385e3569017d709d8330d54225f https://github.com/phpmyadmin/phpmyadmin/commit/5c51f4fecb3d2385e3569017d709... Author: Michal Čihař mcihar@suse.cz Date: 2013-07-29 (Mon, 29 Jul 2013)
Changed paths: M doc/config.rst A js/cross_framing_protection.js M libraries/Header.class.php M libraries/Scripts.class.php M libraries/config.default.php M libraries/config/messages.inc.php M libraries/config/setup.forms.php
Log Message: ----------- Merge remote-tracking branch 'origin/QA_4_0'
Conflicts: libraries/config/setup.forms.php
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/80e6ecc1c281...5c51f4fecb3d
-
Michal Čihař