phpMyAdmin blank page after login using Safari

It took quite a bit of time…

Using Safari 5.1.9 on OSX 10.6.8, logging into phpMyAdmin 3.5.8.1

After installing ubuntu 13.04 server with PHP, MySQL and phpMyAdmin everything seemed fine until I tried to log-in. I received blank page only. Checking the page source revealed that there was a normal content with all what was needed, except that the page didn’t render anything. To make the long story short:

the whole problem was with CSP headers sent to the browser. Interpretation of them lead to Safari refusing to load frames’ content and Javascripts.

Since I had no time to debug Safari and all stuff around CSP there, a quick and ugly workaround is to find a file named:

header_http.inc.php

inside

/usr/share/phpmyadmin/libraries/

and comment out the whole CSP headers block…

/* Prevent against ClickJacking by allowing frames only from same origin */
/*
if (!$GLOBALS['cfg']['AllowThirdPartyFraming']) {
header('X-Frame-Options: SAMEORIGIN');
header("X-Content-Security-Policy: allow 'self' ; options inline-script eval-script; frame-ancestors 'self'; img-src 'self' data:");
if (PMA_USR_BROWSER_AGENT == 'SAFARI' && PMA_USR_BROWSER_VER < '6.0.0') {
header("X-WebKit-CSP: allow 'self'; options inline-script eval-script");
} else {
header("X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'");
}
}
*/

Of course you WON’T do this on any publicly available production server, will you?

Advertisements
This entry was posted in GNU/Linux, OSX. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s