Commit Graph

25 Commits

Author SHA1 Message Date
RD WebDesign
8c0f785351 Replace mg.request_info.request_uri with the variable scriptname
The information from `mg.request_info.request_uri` depends on the URL typed
by the user. This information was used without any sanitization, allowing
an attacker to send crafted links containing anything, including JavaScript
code, which could be loaded and executed in a few pages.

Replacing this value with the `scriptname` variable fixes the issue, since this
variable contains the name of the file currently being executed. This
information cannot be externally manipulated and it is safe to be used on
the page.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2025-10-19 18:44:52 -03:00
XhmikosR
4aaf7fe0e6 header: move unneeded unauthenticated assets to authenticated
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-06-27 16:43:32 +03:00
Dominik
a07dacab77 header_authenticated.lp: add the hostname li only if it's greater t… (#3501)
2025-06-20 20:38:59 +02:00
XhmikosR
64b4756640 Update chart.js to v4.5.0 (#3516)
* Update chart.js to v4.5.0

Also, switch to the minified file

Signed-off-by: XhmikosR <xhmikosr@gmail.com>

* Update scripts/lua/header_authenticated.lp

Co-authored-by: yubiuser <github@yubiuser.dev>
Signed-off-by: XhmikosR <xhmikosr@gmail.com>

---------

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
Co-authored-by: yubiuser <github@yubiuser.dev>
2025-06-16 15:50:47 +02:00
XhmikosR
293a84439d header: don't hide advanced info since it's always shown
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-06-15 08:13:20 +03:00
XhmikosR
f78257bd8e header_authenticated.lp: add the hostname li only if it's greater than zero
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-06-02 17:10:47 +03:00
casperklein
f3fd182d00 Add rel="noreferrer" to external hyperlinks
Signed-off-by: casperklein <casperklein@users.noreply.github.com>
2025-05-29 22:57:36 +02:00
yubiuser
24fdb48d3f Remove horizontal line in hamburger menu
Signed-off-by: yubiuser <github@yubiuser.dev>
2025-05-26 21:17:57 +02:00
XhmikosR
89f4d0af4e header_authenticated: change documentation icon to solid
It's now consistent with the rest of the icons

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-05-26 09:03:39 +03:00
XhmikosR
66f9c38d03 Make use of the new format_path function to add the current page in body
This will allow us to target specific pages more easily

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-05-04 09:56:56 +03:00
XhmikosR
2dd128fbfb Revert the defer addition for now
There are still cases we are getting TypeErrors. We should try again after grouping our assets together in all pages.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-04-03 07:52:28 +03:00
DL6ER
58616bc8af Remove remaining hard-coded /admin/ paths in the webinterface
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-31 21:43:57 +02:00
Dominik
071e5edb4a sidebar: switch to a real button (#3342)
2025-03-27 13:19:36 +01:00
XhmikosR
6c29d5dab8 Logout: fix redirect
Without this, we were getting into a loop with keep alive enabled
when using Firefox.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-24 08:29:40 +02:00
XhmikosR
5036b1df13 Navigation: switch to a real button
Better for accessibility

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-23 19:19:57 +02:00
XhmikosR
1acb80536b Refactor assets loading
* move fonts first
* move CSS and JS along with the rest
* move default auto theme media checks to the HEAD instead of imports

Also, use `script defer`. This makes the JS files non-blocking.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-23 07:08:37 +02:00
DL6ER
6a6a3911f0 Merge branch 'development' into new/web_prefix
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-18 06:58:10 +01:00
XhmikosR
bbcda8ae28 Fix stray -
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-12 08:13:20 +02:00
DL6ER
5f3bcdac3c Merge branch 'development' into new/web_prefix
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-09 20:15:59 +01:00
DL6ER
e873dfed2b Use document.body.dataset instead of defining a hidden <div>
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-09 20:13:33 +01:00
XhmikosR
01a8b8d505 Move image to an external file
It's the original Pi-hole logo, with the following modifications:

* removed colors
* added the classes we need
* added `currentcolor`

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-09 20:01:41 +02:00
DL6ER
f8ef22572a Store value of pihole.webhome() in a globally available variable instead of calling pihole.webhome() multiple times
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-08 21:37:21 +01:00
XhmikosR
3602a43842 Add missing img dimensions
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-08 15:51:01 +02:00
Toni Förster
fa77236432 consistent naming for forum
Signed-off-by: Toni Förster <toni.foerster@icloud.com>
2024-12-16 20:38:56 +01:00
yubiuser
1e922a8b29 Move all files from /scripts/pi-hole/ to /scripts/
Signed-off-by: yubiuser <github@yubiuser.dev>
2024-10-28 20:22:09 +01:00