[phpMyAdmin Git] [phpmyadmin/phpmyadmin] 17b85a: Improve AllowThirdPartyFraming configuration (#14688)
Tazo Todua
tazotodua at gmail.com
Wed Oct 24 19:03:18 CEST 2018
Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: 17b85ab50ca10dab96ee49153185eaffbe8216f8
https://github.com/phpmyadmin/phpmyadmin/commit/17b85ab50ca10dab96ee49153185eaffbe8216f8
Author: Tazo Todua <tazotodua at gmail.com>
Date: 2018-10-24 (Wed, 10 October 2018) -03:00
Changed paths:
M libraries/classes/Header.php
Log Message:
-----------
Improve AllowThirdPartyFraming configuration (#14688)
The only correct way to check the frame-options. The existing version was incorrect. Even setting to value to "blabla", it bypassed the ! check in php. So, at first, it should be checked if the "sameorigin" is value, and after that, everything other than true should DENY the frame.
Signed-off-by: Tazo Todua <tazotodua at gmail.com>
More information about the Git
mailing list