diff options
| author | mattpiwik <matthieu.aubry@gmail.com> | 2012-02-23 08:26:46 +0400 |
|---|---|---|
| committer | mattpiwik <matthieu.aubry@gmail.com> | 2012-02-23 08:26:46 +0400 |
| commit | 3e7fcfae06ba47402ac8d468776f79c227ab4609 (patch) | |
| tree | b23c2d092cb3d595f2dc5c65c3eea209e3815539 | |
| parent | 28b226ba9608e38376d31b30096e164608bedd10 (diff) | |
Fixes #2940
* Remove enable_framed_logins since we now have the more general enable_framed_pages
* Still backward compatible if user has set enable_framed_logins =1 in a previous version
* updated the [http://piwik.org/faq/how-to/#faq_92 iframe login FAQ]
* Also updated [http://piwik.org/faq/how-to/#faq_92 iframe FAQ] to include mention of the setting
git-svn-id: http://dev.piwik.org/svn/trunk@5888 59fd770c-687e-43c8-a1e3-f5a4ff64c105
| -rw-r--r-- | config/global.ini.php | 4 | ||||
| -rw-r--r-- | core/Controller.php | 3 | ||||
| -rw-r--r-- | plugins/Login/Controller.php | 6 |
3 files changed, 2 insertions, 11 deletions
diff --git a/config/global.ini.php b/config/global.ini.php index d49db5dc8d..b3ef5d7a5b 100644 --- a/config/global.ini.php +++ b/config/global.ini.php @@ -190,10 +190,6 @@ login_password_recovery_email_name = Piwik ; Default is 0 (i.e., bust frames on all non Widget pages such as Login, API, Widgets, Email reports, etc.). enable_framed_pages = 0 -; Set to 1 to disable the framebuster on the Login page only (a click-jacking countermeasure). -; Default is 0 (i.e., bust frames on the Login forms). -enable_framed_logins = 0 - ; Set to 1 to disable the framebuster on Admin pages (a click-jacking countermeasure). ; Default is 0 (i.e., bust frames on the Settings forms). enable_framed_settings = 0 diff --git a/core/Controller.php b/core/Controller.php index 755f252fc4..19b29f5d2c 100644 --- a/core/Controller.php +++ b/core/Controller.php @@ -468,7 +468,8 @@ abstract class Piwik_Controller $view->logoHeader = Piwik_API_API::getInstance()->getHeaderLogoUrl(); $view->logoLarge = Piwik_API_API::getInstance()->getLogoUrl(); - $view->enableFrames = Zend_Registry::get('config')->General->enable_framed_pages; + $view->enableFrames = Zend_Registry::get('config')->General->enable_framed_pages + || Zend_Registry::get('config')->General->enable_framed_logins; if(!$view->enableFrames) { $view->setXFrameOptions('sameorigin'); diff --git a/plugins/Login/Controller.php b/plugins/Login/Controller.php index 4105603b83..84dd044484 100644 --- a/plugins/Login/Controller.php +++ b/plugins/Login/Controller.php @@ -97,12 +97,6 @@ class Piwik_Login_Controller extends Piwik_Controller $view->linkTitle = Piwik::getRandomTitle(); - $view->enableFrames = Zend_Registry::get('config')->General->enable_framed_logins; - if(!$view->enableFrames) - { - $view->setXFrameOptions('sameorigin'); - } - $view->forceSslLogin = Zend_Registry::get('config')->General->force_ssl_login; // crsf token: don't trust the submitted value; generate/fetch it from session data |