Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-05-14 20:50:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,255 Commits 25 Branches 114 Tags
fix/regex_pathlike
Commit Graph

25 Commits

Author SHA1 Message Date
RD WebDesign 8c0f785351 Replace mg.request_info.request_uri with the variable scriptname 
The information from `mg.request_info.request_uri` depends on the URL typed
by the user. This information was used without any sanitization, allowing
an attacker to send crafted links containing anything, including javascript
code, which could be loaded and executed in a few pages.

Replacing this value with `scriptname` variable fixes the issue, since this
variable contains the name of the file currently being executed. This
information cannot be externally manipulated and it is safe to be used on
the page.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-10-19 18:44:52 -03:00
XhmikosR 4aaf7fe0e6 header: move unneeded unauthenticated assets to authenticated 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-06-27 16:43:32 +03:00
Dominik a07dacab77 header_authenticated.lp: add the hostname li only if it's greater t… (#3501) 2025-06-20 20:38:59 +02:00
XhmikosR 64b4756640 Update chart.js to v4.5.0 (#3516) 
* Update chart.js to v4.5.0

Also, switch to the minified file

Signed-off-by: XhmikosR <xhmikosr@gmail.com>

* Update scripts/lua/header_authenticated.lp

Co-authored-by: yubiuser <github@yubiuser.dev>
Signed-off-by: XhmikosR <xhmikosr@gmail.com>

---------

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
Co-authored-by: yubiuser <github@yubiuser.dev>
 2025-06-16 15:50:47 +02:00
XhmikosR 293a84439d header: don't hide advanced info since it's always shown 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-06-15 08:13:20 +03:00
XhmikosR f78257bd8e header_authenticated.lp: add the hostname li only if it's greater than zero 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-06-02 17:10:47 +03:00
casperklein f3fd182d00 Add rel="noreferrer" to external hyperlinks 
Signed-off-by: casperklein <casperklein@users.noreply.github.com>
 2025-05-29 22:57:36 +02:00
yubiuser 24fdb48d3f Remove horizontal line in hamburger menu 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-05-26 21:17:57 +02:00
XhmikosR 89f4d0af4e header_authenticated: change documentation icon to solid 
It's now consistent with the rest of the icons

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-26 09:03:39 +03:00
XhmikosR 66f9c38d03 Make use of the new format_path function to add the current page in body 
This will allow us to target specific pages more easily

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-04 09:56:56 +03:00
XhmikosR 2dd128fbfb Revert the defer addition for now 
There are still cases we are getting TypeErrors. We should try again after grouping our assets together in all pages.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-04-03 07:52:28 +03:00
DL6ER 58616bc8af Remove remaining hard-coded /admin/ paths in the webinterface 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-31 21:43:57 +02:00
Dominik 071e5edb4a sidebar: switch to a real button (#3342) 2025-03-27 13:19:36 +01:00
XhmikosR 6c29d5dab8 Logout: fix redirect 
Without this, we were getting into a loop with keep alive enabled
when using Firefox.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-24 08:29:40 +02:00
XhmikosR 5036b1df13 Navigation: switch to a real button 
Better for accessibility

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-23 19:19:57 +02:00
XhmikosR 1acb80536b Refactor assets loading 
* move fonts first
* move CSS and JS along with the rest
* move default auto theme media checks to the HEAD instead of imports

Also, use `script defer`. This makes the JS files non-blocking.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-23 07:08:37 +02:00
DL6ER 6a6a3911f0 Merge branch 'development' into new/web_prefix 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-18 06:58:10 +01:00
XhmikosR bbcda8ae28 Fix stray - 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-12 08:13:20 +02:00
DL6ER 5f3bcdac3c Merge branch 'development' into new/web_prefix 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-09 20:15:59 +01:00
DL6ER e873dfed2b Use document.body.dataset instead of defining a hidden <div> 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-09 20:13:33 +01:00
XhmikosR 01a8b8d505 Move image to an external file 
It's the original Pi-hole logo, with the following modifications:

* removed colors
* added the classes we need
* added `currentcolor`

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-09 20:01:41 +02:00
DL6ER f8ef22572a Store value of pihole.webhome() in a globally available variable instead of calling pihole.webhome() multiple times 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-03-08 21:37:21 +01:00
XhmikosR 3602a43842 Add missing img dimensions 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-03-08 15:51:01 +02:00
Toni Förster fa77236432 consistent naming for forum 
Signed-off-by: Toni Förster <toni.foerster@icloud.com>
 2024-12-16 20:38:56 +01:00
yubiuser 1e922a8b29 Move all files from /scripts/pi-hole/ to /scripts/ 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2024-10-28 20:22:09 +01:00