[phpMyAdmin Git] [phpmyadmin/phpmyadmin] 17b85a: Improve AllowThirdPartyFraming configuration (#14688)

Tazo Todua tazotodua at gmail.com
Wed Oct 24 19:03:18 CEST 2018

Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: 17b85ab50ca10dab96ee49153185eaffbe8216f8
Author: Tazo Todua <tazotodua at gmail.com>
Date: 2018-10-24 (Wed, 10 October 2018) -03:00

Changed paths: 
M libraries/classes/Header.php

Log Message:
Improve AllowThirdPartyFraming configuration (#14688)

The only correct way to check the frame-options. The existing version was incorrect. Even setting to value to "blabla", it bypassed the ! check in php. So, at first, it should be checked if the "sameorigin" is value, and after that, everything other than true should DENY the frame.

Signed-off-by: Tazo Todua <tazotodua at gmail.com>

More information about the Git mailing list