nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36,875 Commits 1 Branch 0 Tags
dddcddbf38729f3362b2562671b510107df72b9b
Commit Graph

18 Commits

Author SHA1 Message Date
Piotr Przybylski
612598fe7f Fix CSP header: 
* add 'self' for img-src and script-src
* version.js access:
- remove protocol (shorter and useful mainly when HTTPS is required)
- remove path (invalid syntax, only hosts are allowed there)
 2011-03-04 23:06:49 +01:00
Michal Čihař
260cf97a06 Allow loading version information using javascript in CSP 2011-03-04 15:19:01 +01:00
Michal Čihař
29afe63e29 Allow data: for <img> in CSP 2011-03-04 15:17:32 +01:00
Michal Čihař
d17fba309c Fix permissions. 
Most files were made executable somewhere in ninadsp tree, reverting
this.
 2010-08-30 09:53:37 +02:00
ninadsp
e646a2760c Fixed conflict due to upstream merge 2010-07-23 21:59:15 +05:30
Michal Čihař
318dc4b650 Drop @version tag from docblocks. 2010-07-20 13:59:17 +02:00
ninadsp
bed1948d04 testing git setup - no major change made in code yet 
only added a few comments
 2010-05-23 01:22:01 +05:30
Michal Čihař
2154120e3a [core] Include Content Security Policy HTTP headers. 
See <https://wiki.mozilla.org/Security/CSP/Specification> for more
details. I hope current rule is flexible enough to avoid impact on
existing functionality.
 2010-04-25 16:51:53 +02:00
Michal Čihař
88af8f2779 Use X-Frame-Options header to protect against ClickJacking. 2010-01-13 13:03:56 +00:00
Michal Čihař
56941e509c Adding @package, second part. 2008-11-24 11:05:40 +00:00
Marc Delisle
afbb2a9dc2 protection against XSS when register_globals is on and .htaccess has no effect 2008-06-21 15:01:27 +00:00
Sebastian Mendel
374abd5173 fixed/added page level docblock 2007-03-20 10:32:13 +00:00
Sebastian Mendel
817e790762 synced/fixed vim line 2007-03-19 17:55:39 +00:00
Michal Čihař
05c719aba3 Fix XSS on some libraries (CVE-2005-3665). 2005-11-24 08:15:00 +00:00
Michal Čihař
94355887ce Use define rather than variable for conditional paths. 2005-11-15 11:14:17 +00:00
Michal Čihař
0ccc8c8611 Allways send text/html content type. 2005-11-15 11:02:08 +00:00
Michal Čihař
928a8b33db Be valid XHTML 2004-04-27 12:36:12 +00:00
Michal Čihař
6884f9701a no more support for php3 2003-11-18 15:20:45 +00:00