[phpMyAdmin Git] [phpmyadmin/phpmyadmin] e3f4a5: Fix #14321 - leaked HTML on auth_type=signon before redirect occurs and on error page when SignonURL is not set
William Desportes
williamdes at wdes.fr
Wed Aug 25 01:44:20 CEST 2021
Branch: refs/heads/QA_4_9
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: e3f4a57aa60b441573235c09fb0133e4cb60e35d
https://github.com/phpmyadmin/phpmyadmin/commit/e3f4a57aa60b441573235c09fb0133e4cb60e35d
Author: William Desportes <williamdes at wdes.fr>
Date: 2021-08-25 (Wed, 08 August 2021) +02:00
Changed paths:
M libraries/classes/Plugins/Auth/AuthenticationSignon.php
Log Message:
-----------
Fix #14321 - leaked HTML on auth_type=signon before redirect occurs and on error page when SignonURL is not set
This fix also fixes the display when SignonURL is empty at configuration time.
When the user was redirected there was HTML in the output that could leak some interesting details about the server or the user.
Signed-off-by: William Desportes <williamdes at wdes.fr>
Commit: ae587aee6911b1aa70e8ca966f104f187d685c71
https://github.com/phpmyadmin/phpmyadmin/commit/ae587aee6911b1aa70e8ca966f104f187d685c71
Author: William Desportes <williamdes at wdes.fr>
Date: 2021-08-25 (Wed, 08 August 2021) +02:00
Changed paths:
M ChangeLog
Log Message:
-----------
Add ChangeLog entries for #14321
Signed-off-by: William Desportes <williamdes at wdes.fr>
More information about the Git
mailing list