Branch: refs/heads/QA_4_6 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 6c95b73f9028f27ee3e9e4b56eda2d285c807b30 https://github.com/phpmyadmin/phpmyadmin/commit/6c95b73f9028f27ee3e9e4b56eda... Author: Michal Čihař michal@cihar.com Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths: M libraries/core.lib.php M test/classes/plugin/auth/AuthenticationCookieTest.php M test/classes/plugin/auth/AuthenticationHttpTest.php M test/classes/plugin/auth/AuthenticationSignonTest.php M test/libraries/core/PMA_headerLocation_test.php
Log Message: ----------- Do not append session IDs to all URLs in redirect
There is no need to do that as we rely on session cookies anyway. Also appending sesson ID to external URLs is not a good idea.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 64f033d3b9d3fd698927500eb5fd2db8f88b9986 https://github.com/phpmyadmin/phpmyadmin/commit/64f033d3b9d3fd698927500eb5fd... Author: Michal Čihař michal@cihar.com Date: 2016-07-26 (Tue, 26 Jul 2016)
Changed paths: M ChangeLog M libraries/session.inc.php
Log Message: ----------- Tighthen control on PHP sessions and session cookies
- use only cookies for session - use http only cookies - disable transparent session IDs
Signed-off-by: Michal Čihař michal@cihar.com
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/53af6a569925...64f033d3b9d3
-
Michal Čihař