Branch: refs/heads/QA_4_9 Home: https://github.com/phpmyadmin/phpmyadmin Commit: e3f4a57aa60b441573235c09fb0133e4cb60e35d https://github.com/phpmyadmin/phpmyadmin/commit/e3f4a57aa60b441573235c09fb01... Author: William Desportes williamdes@wdes.fr Date: 2021-08-25 (Wed, 08 August 2021) +02:00
Changed paths: M libraries/classes/Plugins/Auth/AuthenticationSignon.php
Log Message: ----------- Fix #14321 - leaked HTML on auth_type=signon before redirect occurs and on error page when SignonURL is not set
This fix also fixes the display when SignonURL is empty at configuration time.
When the user was redirected there was HTML in the output that could leak some interesting details about the server or the user.
Signed-off-by: William Desportes williamdes@wdes.fr
Commit: ae587aee6911b1aa70e8ca966f104f187d685c71 https://github.com/phpmyadmin/phpmyadmin/commit/ae587aee6911b1aa70e8ca966f10... Author: William Desportes williamdes@wdes.fr Date: 2021-08-25 (Wed, 08 August 2021) +02:00
Changed paths: M ChangeLog
Log Message: ----------- Add ChangeLog entries for #14321
Signed-off-by: William Desportes williamdes@wdes.fr