Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-02-15 07:25:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,103 Commits 23 Branches 112 Tags
67abf257c4d20129039c3cf9b3cc72e8009056a7
Commit Graph

7 Commits

Author SHA1 Message Date
RD WebDesign
8c0f785351 Replace mg.request_info.request_uri with the variable scriptname 
The information from `mg.request_info.request_uri` depends on the URL typed
by the user. This information was used without any sanitization, allowing
an attacker to send crafted links containing anything, including javascript
code, which could be loaded and executed in a few pages.

Replacing this value with `scriptname` variable fixes the issue, since this
variable contains the name of the file currently being executed. This
information cannot be externally manipulated and it is safe to be used on
the page.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-10-19 18:44:52 -03:00
H3xCat
115b7a858b Fix closing head tag formatting 
Signed-off-by: H3xCat <2304691+h3xcat@users.noreply.github.com>
 2025-09-17 23:30:59 -07:00
XhmikosR
66f9c38d03 Make use of the new format_path function to add the current page in body 
This will allow us to target specific pages more easily

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2025-05-04 09:56:56 +03:00
yubiuser
1e922a8b29 Move all files from /scripts/pi-hole/ to /scripts/ 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2024-10-28 20:22:09 +01:00
RD WebDesign
056b1d1198 Remove extra space 
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2023-11-27 00:51:09 -03:00
DL6ER
30dce2ec54 Address review comments 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2023-10-29 21:00:24 +01:00
DL6ER
1159824b12 Add 404 error page 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2023-10-14 16:04:23 +02:00