nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

protection against cross-frame scripting

Browse Source
This commit is contained in:
Marc Delisle
2008-07-24 17:12:32 +00:00
parent 37b3fbb8e3
commit 152a7342fd
4 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Documentation.html
View File

@@ -577,6 +577,11 @@ GRANT ALL PRIVILEGES ON user_base.* TO 'real_user'@localhost IDENTIFIED BY 'real
You can set this parameter to <tt>TRUE</tt> to stop this message
from appearing.</dd>
<dt id="cfg_AllowThirdPartyFraming">$cfg['AllowThirdPartyFraming'] boolean</dt>
<dd>Setting this to <tt>true</tt> allows a page located on a different
domain to call phpMyAdmin inside a frame, and is a potential security
hole allowing cross-frame scripting attacks.</dd>
<dt id="cfg_blowfish_secret">$cfg['blowfish_secret'] string</dt>
<dd>The &quot;cookie&quot; auth_type uses blowfish
algorithm to encrypt the password.<br />