Branch: refs/heads/QA_4_9 Home: https://github.com/phpmyadmin/phpmyadmin Commit: e3f4a57aa60b441573235c09fb0133e4cb60e35d https://github.com/phpmyadmin/phpmyadmin/commit/e3f4a57aa60b441573235c09fb01... Author: William Desportes williamdes@wdes.fr Date: 2021-08-25 (Wed, 08 August 2021) +02:00

Changed paths: M libraries/classes/Plugins/Auth/AuthenticationSignon.php

Log Message: ----------- Fix #14321 - leaked HTML on auth_type=signon before redirect occurs and on error page when SignonURL is not set

This fix also fixes the display when SignonURL is empty at configuration time.

When the user was redirected there was HTML in the output that could leak some interesting details about the server or the user.

Signed-off-by: William Desportes williamdes@wdes.fr

Commit: ae587aee6911b1aa70e8ca966f104f187d685c71 https://github.com/phpmyadmin/phpmyadmin/commit/ae587aee6911b1aa70e8ca966f10... Author: William Desportes williamdes@wdes.fr Date: 2021-08-25 (Wed, 08 August 2021) +02:00

Changed paths: M ChangeLog

Log Message: ----------- Add ChangeLog entries for #14321

Signed-off-by: William Desportes williamdes@wdes.fr