23 Upgrade notes for 3.0.13
More secure Zabbix setup
Several features have been implemented as part of an effort to "harden" the Zabbix web interface:
- Same origin policy for IFrames. Zabbix now cannot be placed in
frames on a different domain. Still, pages placed into a Zabbix
frame will have access to Zabbix frontend (through JavaScript) if
the page that is placed in the frame and Zabbix frontend are on the
same domain. A page like
http://secure-zabbix.com/cms/page.html, if placed into screens onhttp://secure-zabbix.com/zabbix/, will have full JS access to Zabbix. - Technical errors (PHP/SQL) are now hidden by default from non-Zabbix Super admin users and from users that are not part of user groups with debug mode enabled. This is configurable via the new ZBX_SHOW_TECHNICAL_ERRORS constant, set to 'false' by default.
Item changes
- system.cpu.num agent item on AIX now returns a value based on the logical processors attached to an AIX LPAR and not the physical ones.