Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
9572 commits 13 branches 13 tags 306 MiB
Commit graph

9572 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jo-Philipp Wich
9db5fa93af luci-base: fix possible shell injection in luci.tools.status.switch_status() 
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-05 00:32:56 +02:00
Jo-Philipp Wich
186e690c08 luci-base: dispatcher: reject non-POST requests with any cbi.submit value 
Due to the fact that luci.model.cbi reacts on any "cbi.submit" value while
the dispatcher only required POST for cbi.submit == 1, the CSRF token
protection could be bypassed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-05 00:15:22 +02:00
Jo-Philipp Wich
697db81246 luci-app-freifunk-diagnostics: use FULL_REQUEST_URI 
Switch from using the REQUEST_URI CGI variable directly to the canonicalized
FULL_REQUEST_URI property.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-04 23:32:44 +02:00
Jo-Philipp Wich
8a8eb0d487 luci-app-commands: use FULL_REQUEST_URI 
Switch from using the REQUEST_URI CGI variable directly to the canonicalized
FULL_REQUEST_URI property.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-04 23:32:23 +02:00
Jo-Philipp Wich
053c343ef1 luci-base: use FULL_REQUEST_URI on login form templates 
Switch from using the REQUEST_URI CGI variable directly to the canonicalized
FULL_REQUEST_URI property.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-04 23:30:49 +02:00
Jo-Philipp Wich
8c617c02b5 luci-base: add FULL_REQUEST_URI template property 
Introduce a new template property FULL_REQUEST_URI which returns the full
canonicalized request URL built from SCRIPT_NAME, PATH_INFO and QUERY_STRING.

This new property is safer to use compared to using the raw REQUEST_URI CGI
environment variable directly as this value is essentially untrusted user
input which may contain embedded escaped slashes, double forward slashes and
other oddities allowing XSS exploitation or request redirection.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-04 23:24:31 +02:00
Jo-Philipp Wich
94ea907707 luci-mod-admin-full: use strict hostname validation for dhcp hosts 
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-04 23:21:53 +02:00
Jo-Philipp Wich
70ffbe65a0 luci-base: add a strict flag to the hostname validator 
Some applications, e.g. dnsmasq, do not allow hostnames starting with an
underscore, therefor extend the existing hostname datatype validator with
a `strict` which disallows a leading underscore.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-04 23:21:53 +02:00
Jo-Philipp Wich
4024d4f224 luci-base: switch to ubus uci operations 
Switch luci.model.uci to use ubus uci calls instead of driving libuci-lua
directly.

This prepares support for more advanced features such as per-session change
isolation and configuration rollback on errors.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2018-04-04 23:21:53 +02:00
Dirk Brenken
ee46a6c712 luci-app-travelmate: sync with travelmate 1.2.0 
* remove needless 'automatic' and 'trigger' options plus small fixes

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2018-04-04 14:19:23 +02:00
Hannu Nyman
f5671b420a
Merge pull request #1715 from TDT-AG/pr/20180403-luci-app-mwan3-update 
luci-app-mwan3: fixes and improvments
 2018-04-03 17:43:57 +03:00
Florian Eckert
dd637e4f46 luci-app-mwan3: remove unnecessary 'tracking active' hint 
Remove the unnecessary 'tracking active' hint from the status interface
page.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-04-03 13:30:30 +02:00
Florian Eckert
cd1a979593 luci-app-mwan3: remove diag-rc-legend field id 
On the material theme the "Collecting data" hint in the status pages
was still present on the page even though the command was sucessfull executed.

Remove the legend tag and move the info "Collecting data" to the
"diag-rc-output" tag will solve this issue.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-04-03 13:30:28 +02:00
Florian Eckert
c390464590 luci-app-mwan3: calculate max interface usage from mmx_mask value 
Show max interface value on interface page dependent on the mmx_mask
value

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-04-03 13:30:20 +02:00
Qian Zheng
46a2b5ebea luci-base: zh_CN: update Simplified Chinese translation 
Signed-off-by: Qian Zheng <sotux82@gmail.com>
 2018-04-02 11:49:47 +08:00
Dirk Brenken
87c2d95264 luci-base/network.lua: fix get_interface function 
* fix wrong private function call to handle
  section id as parameter (fix for #1687)

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2018-03-31 07:11:02 +02:00
Hannu Nyman
90ed4239d5
Merge pull request #1706 from musashino205/l10n/tmate-upd-ja 
luci-app-travelmate: update Japanese translation
 2018-03-29 16:41:47 +03:00
INAGAKI Hiroshi
86a138b935 luci-app-travelmate: update Japanese translation 
Updated Japanese translations.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
 2018-03-29 13:13:38 +09:00
INAGAKI Hiroshi
caf4421603 i18n: sync translations 
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
 2018-03-29 12:51:13 +09:00
Jaap Buurman
6c5bfff53c luc-mod-admin-full: add igmp snooping option 
Signed-off-by: Jaap Buurman <jaapbuurman@gmail.com>
 2018-03-28 15:59:29 +02:00
Dirk Brenken
7161284d75
Merge pull request #1703 from dibdot/travelmate 
luci-app-travelmate: made "ignore bssid" flag conditional
 2018-03-28 11:22:15 +02:00
Dirk Brenken
eea92af676
Merge pull request #1704 from TDT-AG/pr/20180328-luci-app-mwan3-fixes 
luci-app-mwan3: fix syntax error and update notify page
 2018-03-28 11:21:56 +02:00
Florian Eckert
3a0d5301ca luci-app-mwan3: update notify info 
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-03-28 10:59:50 +02:00
Florian Eckert
ed56422a91 luci-app-mwan3: fix strict XHTML syntax error 
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-03-28 10:59:42 +02:00
Dirk Brenken
189fe1e389 luci-app-travelmate: made "ignore bssid" flag conditional 
* made the "ignore bssid" flag conditional to ease connection
  to hidden networks:
    * default for hidden networks "disabled"
    * default for all others "enabled"

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2018-03-28 09:22:19 +02:00
Dirk Brenken
8d34bf94a6
Merge pull request #1697 from TDT-AG/pr/20180323-luci-base-fix-tblsection 
luci-base: add missing colspan in tblsection if table is empty
 2018-03-27 22:45:57 +02:00
Florian Eckert
70783f5802 luci-base: fix colspans calculation in tblsection 
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-03-27 10:39:55 +02:00
Hannu Nyman
648fd91798
Merge pull request #1701 from SvenRoederer/patch-2 
wireguard: add dependency to luci-proto-wireguard
 2018-03-26 21:03:50 +03:00
Sven Roederer
ec10a14976
wireguard: add dependency to luci-proto-wireguard 
Installing luci-app-wireguard should also install luci-proto-wireguard, to have it as an protocol for interface setup.

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
 2018-03-26 19:15:25 +02:00
Hannu Nyman
92408aaf17
Merge pull request #1696 from TDT-AG/pr/20180323-luci-app-mwan3-add-boxes-again 
luci-app-mwan3: add boxes again and update css in luci-theme-material
 2018-03-23 16:59:42 +02:00
Florian Eckert
2729f128c8 luci-theme-material: add missing css classes 
* Add missing css class danger
* Add missing css class success
* Update background color for css class warning

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-03-23 10:31:46 +01:00
Florian Eckert
10e5171ea6 luci-app-mwan3: add missing graphics boxes again 
Add css boxes for mwan3 status again

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-03-23 10:30:55 +01:00
Florian Eckert
a279c9abb3 luci-app-mwan3: remove notMonitored status information 
This case is not supported by mwan3 anymore

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
 2018-03-23 10:30:12 +01:00
Jo-Philipp Wich
84b3ba46f8
Merge pull request #1695 from dibdot/regex-dhcphost 
luci-base/util.lua: enhance checklib function
 2018-03-22 10:45:42 +01:00
Dirk Brenken
29d8770983 luci-base/util.lua: enhance checklib function 
* enhance the checklib function in util.lua to check the 'fullpathexe'
  as well, e.g. this fixes runtime errors on the dhcp/dns template in
  environments without dnsmasq

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2018-03-22 10:40:42 +01:00
Hannu Nyman
b254e329c6
Merge pull request #1693 from sotux/master_zh-cn-translation 
luci-app-upnp: zh_CN: Update Simplified Chinese translation
 2018-03-20 10:05:44 +02:00
Qian Zheng
8ecdabdc56 luci-app-upnp: zh_CN: Update Simplified Chinese translation 
Signed-off-by: Qian Zheng <sotux82@gmail.com>
 2018-03-20 09:31:17 +08:00
Hannu Nyman
38f826e2a4
Merge pull request #1692 from EricLuehrsen/unbound_pnet 
unbound: add domain resolution control options
 2018-03-19 17:31:07 +02:00
Hannu Nyman
94d9bfb1da
Merge pull request #1689 from aparcar/asu-fixup 
luci-app-attendedsysupgrade: fixup missing package
 2018-03-19 17:27:50 +02:00
Eric Luehrsen
9bb3400a00 unbound: add domain resolution control options 
Signed-off-by: Eric Luehrsen <ericluehrsen@hotmail.com>
 2018-03-18 21:34:29 -04:00
Dirk Brenken
c575c78d2f
Merge pull request #1691 from dibdot/travelmate 
luci-app-travelmate: final frontend changes for 18.x
 2018-03-18 20:24:36 +01:00
Dirk Brenken
ca6f0a6c89 luci-app-travelmate: final frontend changes for 18.x 
* made qrencode support optional (remove hardcoded dependency)
  * add a conditional QR Code button on overview page,
    remove separate "QR Codes" tab
* move trigger timeout setting to extra section

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2018-03-17 19:04:51 +01:00
Karl Palsson
cc00b01c27 luci-app-pagekitec: new package 
Adds a simple interface to the basic functionality of pagekite services.

Signed-off-by: Karl Palsson <karlp@tweak.net.au>
 2018-03-16 22:59:46 +00:00
Paul Spooren
6551f5c139 luci-app-attendedsysupgrade: fixup missing package 
Signed-off-by: Paul Spooren <spooren@informatik.uni-leipzig.de>
 2018-03-16 18:52:48 +01:00
Dirk Brenken
b2fbfedc7e
Merge pull request #1688 from dibdot/adblock 
luci-app-adblock: remaining fixes
 2018-03-16 13:01:36 +01:00
Dirk Brenken
ab30c8365f luci-app-adblock: remaining fixes 
* missed in the last (untested) commit - sorry.

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2018-03-16 12:59:53 +01:00
Dirk Brenken
7656f51c82
Merge pull request #1686 from dibdot/wifischedule 
luci-app-wifischedule: fix function calls
 2018-03-16 06:37:08 +01:00
Dirk Brenken
44132150fc
Merge pull request #1685 from dibdot/travelmate 
luci-app-travelmate: fix function calls
 2018-03-16 06:36:51 +01:00
Dirk Brenken
d01ddb2928
Merge pull request #1684 from dibdot/adblock 
luci-app-adblock: fix function calls
 2018-03-16 06:36:31 +01:00
Dirk Brenken
14bdc24d4a luci-app-wifischedule: fix function calls 
* fix function calls that have an implicit extra parameter self,
  pre-requisite for PR #1681

Signed-off-by: Dirk Brenken <dev@brenken.org>
 2018-03-15 20:53:47 +01:00