Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-05-24 01:28:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,269 Commits 27 Branches 114 Tags
contributing
Commit Graph

45 Commits

Author SHA1 Message Date
RD WebDesign 4f5bdd1fae Escape output on Queries page, to avoid Stored HTML Injection 
Fix: https://github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2026-03-19 19:38:36 -03:00
Dominik fdbba6b965 Use the properties earliest_timestamp and earliest_timestamp_disk provided by FTL (on related branch) to avoid having to call the (very heavy) GET /info/database endpoint just for sourcing the earliest timestamps in the database 
Signed-off-by: Dominik <dl6er@dl6er.de>
 2026-02-08 10:09:07 +01:00
Rob Gill a83229096d Set the end date for live query update to end of epoch 
Signed-off-by: Rob Gill <rrobgill@protonmail.com>
 2025-12-04 17:31:15 +10:00
Adam Warner 77b3833fa6 Use the start of day for past 7 and 30 days 
No need to check for null on endofTime, it will always have a values

Co-authored-by: yubiuser <github@yubiuser.dev>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2025-11-19 20:06:57 +00:00
Adam Warner 1b509593c9 Treat 0.0 response as NULL. Also get the in-memory timetamp, and then use whichever of the two timestamps is smallest (and non-zero) 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2025-11-12 23:11:53 +00:00
Adam Warner 0f76df92b9 Refactor date range initialization to fetch earliest timestamp from API and set default values 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2025-11-10 00:00:08 +00:00
RD WebDesign 5e3000c141 Make sure the table is redrawn after the dnssec API call returns 
Without this, the icons won't show up on the initial table draw because the
asynchronous AJAX call usually only completes after that.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-10-29 18:04:49 -03:00
Adam Warner dcb07b761b Make DNSSEC icon conditional in Queries Log (redo of https://github.com/pi-hole/web/pull/3399/) (#3535) 2025-10-04 15:33:59 +01:00
Aaron Blankenship be3859db7f Prevents getting stuck loading unlimited query log results. Changed in Queries Log table only. 
Signed-off-by: Aaron Blankenship <aaron@aaronblankenship.com>
 2025-08-24 15:42:59 -05:00
yubiuser fc01fb030e Fix tests 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-12 10:04:29 +02:00
sharkboots75 eb140af01a Make DNSSEC icon conditional in Queries Log 
Avoid emitting the DNSSEC icon in Domain column if DNSSEC is not being used/tracked

Signed-off-by: sharkboots75 <sharkboots75@gmail.com>
 2025-07-12 10:04:29 +02:00
XhmikosR 8529cb067c Fix a few HTML validation issues 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-06-16 09:32:51 +03:00
XhmikosR 181fd7122e queries: drop non-existent elements code 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-21 10:13:04 +03:00
Adam Warner f683631afd Use proper Object methods (#3441) 2025-05-19 18:26:44 +01:00
Adam Warner ecb512a0ea queries: improve link to search page (#3422) 2025-05-15 18:00:31 +01:00
XhmikosR 408334380e Use Object methods when possible 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-12 18:46:36 +03:00
XhmikosR f9f6969dc5 queries.js: link to CNAME if available 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-11 18:00:16 +03:00
XhmikosR 7de8aea119 queries: replace the deprecated jQuery.parseJSON with JSON.parse 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-04 20:14:31 +03:00
XhmikosR 7ad15ec82f queries: don't add a link to search if the domain is hidden 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-01 19:20:31 +03:00
XhmikosR 756239a6dd xo: enable strict mode 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-04-23 20:50:12 +03:00
XhmikosR f8a0a1d4ec Tighten xo rules 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-04-23 07:53:13 +03:00
yubiuser 7487abd385 Allow free input in upstream filter 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-04-21 14:40:30 +02:00
DL6ER b524a2f4b6 Always use document.body.dataset.apiurl instead of the intermediate const apiUrl 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-31 22:00:16 +02:00
Adam Warner a73e95e17d Query Log: Add QUERY_EXTERNAL_BLOCKED_EDE15 rules (#3347) 2025-03-29 10:52:29 +00:00
Adam Warner 51fc14a4db Set an upper limit on the number of rows returned for the query log (#3346) 2025-03-29 10:34:08 +00:00
XhmikosR 85ac52adfe Queries: escape querystatus.fieldtext 
Even though right now the API doesn't include any HTML code, it's a better practice to be defensive here.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-27 16:41:22 +02:00
XhmikosR e8e60880ba Queries: use fieldText directly 
It no longer includes raw HTML, so it should be fine to use it directly

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-27 15:32:44 +02:00
DL6ER d43fcd7658 Query Log is missing a rule for colorization of QUERY_EXTERNAL_BLOCKED_EDE15 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-27 11:58:19 +01:00
Adam Warner 572dcbf110 Remove "All" option from query log, max to 1000 (add in an additional step between 100 and 1000) 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2025-03-26 21:35:52 +00:00
XhmikosR bd693fad80 Queries: fix potential DOM text reinterpreted as HTML issue 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-23 18:32:09 +02:00
DL6ER 5f3bcdac3c Merge branch 'development' into new/web_prefix 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-09 20:15:59 +01:00
DL6ER a7f1ca7800 Allow path prefix multiplexing the dashboard and API. See https://github.com/pi-hole/FTL/pull/2319 for further details 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-02 20:20:10 +01:00
RD WebDesign f6168a4d03 Use margin-right instead of spaces after dnssec icon in Query Log 
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-03-01 01:19:01 -03:00
yubiuser 002c39ef78 Save the state of the query log table infinitely 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-02-23 14:28:38 +01:00
DL6ER 64c191fd32 Modify status text if a reply was received for clarify 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-01-30 17:50:50 +01:00
DL6ER c56578b578 Use new dnssec.color instead of the removed dnssecClass variable 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-01-21 19:36:53 +01:00
Dominik 37fcb780a7 Show DNSSEC status icon (if applicable) (#3185) 2025-01-20 18:01:32 +01:00
RD WebDesign 607ef8a2e9 Apply review suggestion 
Co-authored-by: yubiuser <github@yubiuser.dev>
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2024-12-21 19:32:36 -03:00
RD WebDesign fa36f6493c Actually move the icon to the left 
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2024-12-21 18:40:25 -03:00
RD WebDesign 8f57898497 Left align DNSSEC icons 
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2024-12-19 14:56:46 -03:00
Dominik 43efed6834 Use better icon 
Co-authored-by: RD WebDesign <github@rdwebdesign.com.br>
Signed-off-by: Dominik <DL6ER@users.noreply.github.com>
 2024-12-18 21:39:36 +01:00
DL6ER 1bf622f296 Show DNSSEC status icon (if applicable) 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2024-12-18 11:37:28 +01:00
DL6ER e7a97d382a Show extended DNS error (if applicable) 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2024-12-18 10:55:54 +01:00
yubiuser e7f97baab1 Fix prefer-global-this error 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2024-12-07 16:11:35 +01:00
yubiuser 1e922a8b29 Move all files from /scripts/pi-hole/ to /scripts/ 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2024-10-28 20:22:09 +01:00