From 5c6cfd19337dcdfaec01ee583db6d5181fd5d582 Mon Sep 17 00:00:00 2001
From: shanyan baishui <Siramizu@gmail.com>
Date: Fri, 4 Mar 2011 09:45:43 +0200
Subject: [PATCH 1/6] Translation update done using Pootle.

---
 po/zh_CN.po | 22 ++++------------------
 1 file changed, 4 insertions(+), 18 deletions(-)

diff --git a/po/zh_CN.po b/po/zh_CN.po
index 32f3c2f1b..81c9658d6 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -4,7 +4,7 @@ msgstr ""
 "Project-Id-Version: phpMyAdmin 3.4.0-beta4-dev\n"
 "Report-Msgid-Bugs-To: phpmyadmin-devel@lists.sourceforge.net\n"
 "POT-Creation-Date: 2011-03-03 07:17+0100\n"
-"PO-Revision-Date: 2011-02-28 18:54+0200\n"
+"PO-Revision-Date: 2011-03-04 09:45+0200\n"
 "Last-Translator: shanyan baishui <Siramizu@gmail.com>\n"
 "Language-Team: chinese_simplified <zh_CN@li.org>\n"
 "Language: zh_CN\n"
@@ -8654,9 +8654,9 @@ msgid ""
 "level directory as described in [a@Documentation.html#setup_script]"
 "documentation[/a]. Otherwise you will be only able to download or display it."
 msgstr ""
-"请在 phpMyAdmin 的根文件夹下创建[a@../Documentation.html#setup_script]文档[/"
-"a]中所述的网站服务器可以写入的 [em]config[/em] 文件夹。否则你只能下载或显示配"
-"置。"
+"请在 phpMyAdmin 的根文件夹下创建 "
+"[a@Documentation.html#setup_script]文档[/a]中所述的网站服务器可以写入的 [em]config[/em] "
+"文件夹。否则你只能下载或显示配置。"
 
 #: setup/frames/index.inc.php:57
 msgid ""
@@ -9625,17 +9625,3 @@ msgstr "视图名"
 #: view_operations.php:91
 msgid "Rename view to"
 msgstr "将视图改名为"
-
-#, fuzzy
-#~| msgid "Delete the matches for the %s table?"
-#~ msgid "Delete the matches for the "
-#~ msgstr "删除 %s 表中所有匹配的记录？"
-
-#~ msgid "Show left delete link"
-#~ msgstr "显示左侧删除链接"
-
-#~ msgid "Show right delete link"
-#~ msgstr "显示右侧删除链接"
-
-#~ msgid "Mailing lists"
-#~ msgstr "邮件列表"

From 9408ebf238bdec44039080c9f0e9a48b5ebb546b Mon Sep 17 00:00:00 2001
From: shanyan baishui <Siramizu@gmail.com>
Date: Fri, 4 Mar 2011 09:46:37 +0200
Subject: [PATCH 2/6] Translation update done using Pootle.

---
 po/zh_CN.po | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/po/zh_CN.po b/po/zh_CN.po
index 81c9658d6..ac50f38f2 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -4,7 +4,7 @@ msgstr ""
 "Project-Id-Version: phpMyAdmin 3.4.0-beta4-dev\n"
 "Report-Msgid-Bugs-To: phpmyadmin-devel@lists.sourceforge.net\n"
 "POT-Creation-Date: 2011-03-03 07:17+0100\n"
-"PO-Revision-Date: 2011-03-04 09:45+0200\n"
+"PO-Revision-Date: 2011-03-04 09:46+0200\n"
 "Last-Translator: shanyan baishui <Siramizu@gmail.com>\n"
 "Language-Team: chinese_simplified <zh_CN@li.org>\n"
 "Language: zh_CN\n"
@@ -3925,9 +3925,7 @@ msgstr "显示函数列"
 msgid ""
 "Shows link to [a@http://php.net/manual/function.phpinfo.php]phpinfo()[/a] "
 "output"
-msgstr ""
-"显示 [a@http://php.net/manual/function.phpinfo.php]phpinfo() (外链，英文)[/"
-"a] 输出的链接"
+msgstr "显示 [a@http://php.net/manual/function.phpinfo.php]phpinfo()[/a] 输出的链接"
 
 #: libraries/config/messages.inc.php:448
 msgid "Show phpinfo() link"

From 31c76833626b90a28e33fda7f042a67417bc2851 Mon Sep 17 00:00:00 2001
From: shanyan baishui <Siramizu@gmail.com>
Date: Fri, 4 Mar 2011 09:47:35 +0200
Subject: [PATCH 3/6] Translation update done using Pootle.

---
 po/zh_CN.po | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/po/zh_CN.po b/po/zh_CN.po
index ac50f38f2..46716ddf7 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -4,7 +4,7 @@ msgstr ""
 "Project-Id-Version: phpMyAdmin 3.4.0-beta4-dev\n"
 "Report-Msgid-Bugs-To: phpmyadmin-devel@lists.sourceforge.net\n"
 "POT-Creation-Date: 2011-03-03 07:17+0100\n"
-"PO-Revision-Date: 2011-03-04 09:46+0200\n"
+"PO-Revision-Date: 2011-03-04 09:47+0200\n"
 "Last-Translator: shanyan baishui <Siramizu@gmail.com>\n"
 "Language-Team: chinese_simplified <zh_CN@li.org>\n"
 "Language: zh_CN\n"
@@ -8434,9 +8434,7 @@ msgstr "此 MySQL 服务器正以<b>从</b>服务器运行于<b>复制</b>进程
 msgid ""
 "For further information about replication status on the server, please visit "
 "the <a href=#replication>replication section</a>."
-msgstr ""
-"要获得更多关于此服务器的复制状态，请查看<a href=\"#replication\">复制状态信息"
-"</a>。"
+msgstr "要获得更多关于此服务器的复制状态，请查看<a href=#replication>复制状态信息</a>。"
 
 #: server_status.php:509
 msgid ""

From 29afe63e29d2af2e77744eec12110023efe5db9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <mcihar@novell.com>
Date: Fri, 4 Mar 2011 15:17:32 +0100
Subject: [PATCH 4/6] Allow data: for <img> in CSP

---
 libraries/header_http.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/header_http.inc.php b/libraries/header_http.inc.php
index 6086f38c6..1cf8b47e7 100644
--- a/libraries/header_http.inc.php
+++ b/libraries/header_http.inc.php
@@ -22,7 +22,7 @@ $GLOBALS['now'] = gmdate('D, d M Y H:i:s') . ' GMT';
 /* Prevent against ClickJacking by allowing frames only from same origin */
 if (!$GLOBALS['cfg']['AllowThirdPartyFraming']) {
     header('X-Frame-Options: SAMEORIGIN');
-    header('X-Content-Security-Policy: allow \'self\'; options inline-script eval-script; frame-ancestors \'self\'');
+    header('X-Content-Security-Policy: allow \'self\'; options inline-script eval-script; frame-ancestors \'self\'; img-src data:');
 }
 header('Expires: ' . $GLOBALS['now']); // rfc2616 - Section 14.21
 header('Last-Modified: ' . $GLOBALS['now']);

From 260cf97a06e2e2cb046093228d4267f8501823b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <mcihar@novell.com>
Date: Fri, 4 Mar 2011 15:19:01 +0100
Subject: [PATCH 5/6] Allow loading version information using javascript in CSP

---
 libraries/header_http.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/header_http.inc.php b/libraries/header_http.inc.php
index 1cf8b47e7..f7c27b23a 100644
--- a/libraries/header_http.inc.php
+++ b/libraries/header_http.inc.php
@@ -22,7 +22,7 @@ $GLOBALS['now'] = gmdate('D, d M Y H:i:s') . ' GMT';
 /* Prevent against ClickJacking by allowing frames only from same origin */
 if (!$GLOBALS['cfg']['AllowThirdPartyFraming']) {
     header('X-Frame-Options: SAMEORIGIN');
-    header('X-Content-Security-Policy: allow \'self\'; options inline-script eval-script; frame-ancestors \'self\'; img-src data:');
+    header('X-Content-Security-Policy: allow \'self\'; options inline-script eval-script; frame-ancestors \'self\'; img-src data:; script-src http://www.phpmyadmin.net/home_page/version.js');
 }
 header('Expires: ' . $GLOBALS['now']); // rfc2616 - Section 14.21
 header('Last-Modified: ' . $GLOBALS['now']);

From 612598fe7fbc6c6cf6305a798e9b48b435ea7a91 Mon Sep 17 00:00:00 2001
From: Piotr Przybylski <piotrprz@gmail.com>
Date: Fri, 4 Mar 2011 23:06:49 +0100
Subject: [PATCH 6/6] Fix CSP header: * add 'self' for img-src and script-src *
 version.js access: - remove protocol (shorter and useful mainly when HTTPS is
 required) - remove path (invalid syntax, only hosts are allowed there)

---
 libraries/header_http.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/header_http.inc.php b/libraries/header_http.inc.php
index f7c27b23a..9ad890dba 100644
--- a/libraries/header_http.inc.php
+++ b/libraries/header_http.inc.php
@@ -22,7 +22,7 @@ $GLOBALS['now'] = gmdate('D, d M Y H:i:s') . ' GMT';
 /* Prevent against ClickJacking by allowing frames only from same origin */
 if (!$GLOBALS['cfg']['AllowThirdPartyFraming']) {
     header('X-Frame-Options: SAMEORIGIN');
-    header('X-Content-Security-Policy: allow \'self\'; options inline-script eval-script; frame-ancestors \'self\'; img-src data:; script-src http://www.phpmyadmin.net/home_page/version.js');
+    header('X-Content-Security-Policy: allow \'self\'; options inline-script eval-script; frame-ancestors \'self\'; img-src \'self\' data:; script-src \'self\' www.phpmyadmin.net');
 }
 header('Expires: ' . $GLOBALS['now']); // rfc2616 - Section 14.21
 header('Last-Modified: ' . $GLOBALS['now']);