Branch: refs/heads/QA_4_6
  Home:   https://github.com/phpmyadmin/phpmyadmin
  Commit: 6c95b73f9028f27ee3e9e4b56eda2d285c807b30
      
https://github.com/phpmyadmin/phpmyadmin/commit/6c95b73f9028f27ee3e9e4b56eda2d285c807b30
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-07-26 (Tue, 26 Jul 2016)

  Changed paths:
    M libraries/core.lib.php
    M test/classes/plugin/auth/AuthenticationCookieTest.php
    M test/classes/plugin/auth/AuthenticationHttpTest.php
    M test/classes/plugin/auth/AuthenticationSignonTest.php
    M test/libraries/core/PMA_headerLocation_test.php

  Log Message:
  -----------
  Do not append session IDs to all URLs in redirect

There is no need to do that as we rely on session cookies anyway. Also
appending sesson ID to external URLs is not a good idea.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 64f033d3b9d3fd698927500eb5fd2db8f88b9986
      
https://github.com/phpmyadmin/phpmyadmin/commit/64f033d3b9d3fd698927500eb5fd2db8f88b9986
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-07-26 (Tue, 26 Jul 2016)

  Changed paths:
    M ChangeLog
    M libraries/session.inc.php

  Log Message:
  -----------
  Tighthen control on PHP sessions and session cookies

- use only cookies for session
- use http only cookies
- disable transparent session IDs

Signed-off-by: Michal Čihař <mic...@cihar.com>


Compare: 
https://github.com/phpmyadmin/phpmyadmin/compare/53af6a569925...64f033d3b9d3
_______________________________________________
Git mailing list
Git@phpmyadmin.net
https://lists.phpmyadmin.net/mailman/listinfo/git

Reply via email to