Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
LuCI - OpenWrt Configuration Interface
9891 commits 13 branches 13 tags 306 MiB
JavaScript 41.5%
C 26.4%
Lua 14.3%
HTML 6.3%
CSS 3.1%
Other 8.4%
Find a file
Jo-Philipp Wich 7e5331f154 treewide: rework rollback/apply workflow 
Rework the apply confirmation mechanism to be session agnostic in order to
circumvent cross domain restrictions which prevent the JS code from issuing
apply confirm requests in some cases, e.g. when changing the LAN IP.

Confirmation calls may now be done from unauthenticated pages, as long as a
matching confirmation token is sent along with the request.

The reasoning behind this is that there is little security impact in
confirming pending apply sessions, especially since those sessions can only
be initiated while being authenticated.

After this change, LuCI will now launch a confirmation process on every
rendered page when a rollback is pending. The confirmation will happen
regardless of whether the user is logged in or not, or if the current page
is a CBI form or static template.

A confirmation request now also requires a random one-time token which is
rendered along with the confirmation JavaScript code in order to succeed.

This token is not meant to provide security but to ensure that the confirm
was triggered from an interactive browser session and not some background
HTTP requests that happened to end up in the admin ui.

As a consequence, the different apply/confirm/rollback code paths in CBI
maps and the UCI change/revert pages have been consolidated into one common
implementation residing in the common global theme agnostic footer template.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e5a1ac0228)
2018-07-28 17:14:22 +02:00
applications luci-app-unbound: point documentation to 18.06 branch 2018-07-24 23:21:00 -04:00
build build: add check-controller.sh, a utility to test controller files 2018-04-06 12:02:37 +02:00
collections luci: do not depend on uhttpd-mod-ubus 2018-07-26 20:28:43 +02:00
contrib/package ff_olsrd_watchdog: delete existing tunnels 2018-07-26 20:31:27 +02:00
documentation documentation: regenerate documents from current code base 2018-04-30 14:45:25 +02:00
libs Revert "luci-lib-json: depend on luci-base" 2018-07-03 12:30:44 +02:00
modules treewide: rework rollback/apply workflow 2018-07-28 17:14:22 +02:00
protocols luci-proto-ncm: remove unrelated options 2018-07-26 20:26:54 +02:00
themes luci-theme-openwrt: fix button placement quirk 2018-07-26 20:31:05 +02:00
.buildpath * new project: ff-luci - Freifunk Lua Configuration Interface 2008-03-02 21:52:58 +00:00
.cproject More C-Functions (luci.cutil.instanceof, luci.cutil.pcdata) 2008-11-20 19:22:05 +00:00
.gitignore Update .gitignore 2015-04-20 10:08:23 +02:00
.project LuCI Core C-Rewrite: First steps 2008-11-19 23:02:36 +00:00
CONTRIBUTING.md CONTRIBUTING.md: clarify signed-off-by advice 2015-12-15 14:40:51 +02:00
LICENSE * new project: ff-luci - Freifunk Lua Configuration Interface 2008-03-02 21:52:58 +00:00
luci.mk Merge pull request #1915 from Ansuel/upgrade 2018-06-27 16:43:36 +02:00
NOTICE Update my email addresses in the license headers 2015-01-16 23:49:44 +01:00
README.md docs: link to the developer wiki documentation 2016-09-07 17:10:05 +00:00
THANKYOU * luci: replace all "OpenWRT" occurences with "OpenWrt" 2008-10-27 15:19:58 +00:00

README.md

OpenWrt luci feed

Description

This is the OpenWrt "luci"-feed containing LuCI - OpenWrt Configuration Interface.

Usage

This feed is enabled by default. Your feeds.conf.default (or feeds.conf) should contain a line like:

src-git luci https://github.com/openwrt/luci.git

To install all its package definitions, run:

./scripts/feeds update luci
./scripts/feeds install -a -p luci

API Reference

You can browse the generated API documentation directly on Github.

Development

Documentation for developing and extending LuCI can be found in the Wiki

License

See LICENSE file.

Package Guidelines

See CONTRIBUTING.md file.