Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-04-02 08:32:55 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,102 Commits 26 Branches 113 Tags
79c4c14a21c7d30c7d25cf9668120e2a3e590f9b
Commit Graph

2884 Commits

Author SHA1 Message Date
Dominik
79c4c14a21 Merge development into new/simple-dhcp-static-leases and address review feedback 
Resolve merge conflict in style/pi-hole.css (keep both StaticDHCPTable
styles and DNSSEC query log styles).

Address outstanding reviewer feedback:
- Change save button icon from floppy-disk to checkmark to clarify it
  confirms the row edit, not a final save
- Update hint text to mention "Save & Apply" is still needed
- Add hostname validation on the hostname cell (rejects spaces, commas,
  and other characters invalid in DNS names)

Signed-off-by: Dominik <dl6er@dl6er.de>
 2026-03-25 07:23:10 +01:00
Adam Warner
4159aaade6 Merge commit from fork 
HTML escape adlist URL and non-domain entried before printing it in gravity stream
 2025-10-25 10:08:44 +01:00
RD WebDesign
8c0f785351 Replace mg.request_info.request_uri with the variable scriptname 
The information from `mg.request_info.request_uri` depends on the URL typed
by the user. This information was used without any sanitization, allowing
an attacker to send crafted links containing anything, including javascript
code, which could be loaded and executed in a few pages.

Replacing this value with `scriptname` variable fixes the issue, since this
variable contains the name of the file currently being executed. This
information cannot be externally manipulated and it is safe to be used on
the page.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-10-19 18:44:52 -03:00
yubiuser
febc2b870a Escape all lines to also prevent XSS for non-domain entries 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-10-12 15:44:23 +02:00
RD WebDesign
507fde4edf Add CPU usage percentage to the Load tooltip 
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-10-06 22:34:47 -03:00
yubiuser
4f11435291 Update FTL %cpu and %mem everytime total CPU stats are updated 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-10-06 21:18:46 +02:00
Dominik
5ecfcf3f19 Adjust domain count according to pi-hole/FTL#2177 (#3619) 2025-10-05 09:55:38 +02:00
Adam Warner
4b5697c7be Fix addList function to include type in API request URL 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2025-10-04 22:35:27 +01:00
yubiuser
078e34c96d Adjust domain count according to https://github.com/pi-hole/FTL/pull/2177 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-10-04 22:21:06 +02:00
Adam Warner
dcb07b761b Make DNSSEC icon conditional in Queries Log (redo of https://github.com/pi-hole/web/pull/3399/) (#3535) 2025-10-04 15:33:59 +01:00
yubiuser
94e8e909b7 Improve line graph tooltip (#3601) 2025-10-04 08:58:29 +02:00
RD WebDesign
c6a2e8572e Trigger the offset effect when the mouse is over a legend item 
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-09-19 17:11:10 -03:00
RD WebDesign
ec5f8b7037 Add offset effect on hover to the doughnut charts 
We need to add a small padding to avoid "clipping" the arc/slice.
This happens because when an arc/slice expands, it grows beyond the canvas
limits and get clipped.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-09-19 17:04:48 -03:00
RD WebDesign
ca57bcfb5c Include the upstream DNS server name to the link, when needed 
The link must send the "upstream" parameter in exactly the same format used
by the "suggestions" API.
The format is: "upstream=<IP>#<port> (<servername>)".
This will ensure that when a link is clicked, the correct server name will
be highlighted in the SELECT element on the queries.lp page and no other
OPTION element will be created.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-09-16 16:47:03 -03:00
RD WebDesign
af471bec94 Show the upstream server IP on the title tooltip 
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-09-15 23:03:26 -03:00
RD WebDesign
48666e1ffd Use an array to store upstream server IPs 
This will avoid overwritting the IP when more than one upstream DNS server uses the same name

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-09-15 22:34:06 -03:00
RD WebDesign
52441b7b1b Remove unnecessary code 
The outer `if` (line 92) already guarantees only 2 possible values.
If `isQueryTypeChart` is false, `isForwardDestinationChart` must be true.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
 2025-09-15 22:11:44 -03:00
yubiuser
2c1876879d Fix calculation of tootlip percentage 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-09-10 11:12:04 +02:00
yubiuser
66eb947718 Only display items in queryOverTimeChart tooltips with at least 1 query 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-09-10 11:12:04 +02:00
yubiuser
9dc305c2b5 Show tooltip of bar graphs below x-axis 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-09-10 11:11:52 +02:00
Aaron Blankenship
be3859db7f Prevents getting stuck loading unlimited query log results. Changed in Queries Log table only. 
Signed-off-by: Aaron Blankenship <aaron@aaronblankenship.com>
 2025-08-24 15:42:59 -05:00
yubiuser
035a2861bf Use /flush/network instead of /flush/arp (#3553) 2025-08-14 21:13:41 +02:00
DL6ER
ce2a4501c6 Better synchronize lines numbers and textarea 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-24 06:21:34 +02:00
DL6ER
9959791c31 Reject saving if there are still validation errors in the table 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-20 20:40:24 +02:00
DL6ER
3489ddf284 Validate hwaddr and IP address while typing 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-20 20:33:35 +02:00
yubiuser
55e8e4a328 Use \u001B instead of (hidden) ESC character 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-19 21:53:45 +02:00
yubiuser
b4af886192 HTML escape adlist URL before printing it in gravity stream 
Co-authored-by: DL6ER <dl6er@dl6er.de>
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-19 21:53:45 +02:00
Dominik
f518450115 Bind address to new element instead of raw HTML construction (#3567) 2025-07-17 07:25:44 +02:00
yubiuser
ac7b9845b6 Also trim CNAME input fields 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-16 22:03:25 +02:00
yubiuser
d2dc2535bb Trim whitespaces before adding custom DNS record 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-16 22:00:03 +02:00
DL6ER
e137dd0a0f Bind address to new element instead of raw HTML construction 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-16 16:19:46 +02:00
Dominik
6023387c7d Use innerHTML instead of append to fix gravity color output (#3566) 2025-07-16 09:57:58 +02:00
yubiuser
1c753f7cc6 Use innerHTML instead of append to fix gravity color output 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-16 09:03:23 +02:00
DL6ER
e7d70559c3 Add line numbers to dhcp.hosts textarea 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-16 08:28:51 +02:00
DL6ER
69b461ae8e Add IPv6 support for static DHCP lease management 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-15 20:16:30 +02:00
DL6ER
320c8d9973 Allow "-" as separator for MAC addresses 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-15 16:00:09 +02:00
DL6ER
f1ddb23825 Bind data attributes instead of inlining them for security (to prevent any possibility for code injection) 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-15 13:02:55 +02:00
DL6ER
416468f233 Remove unused code 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-15 12:48:22 +02:00
DL6ER
937cd04734 Add tooltips to the action buttons 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-15 12:41:01 +02:00
DL6ER
2495a8e175 Add copy from current to static DHCP leases button 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-15 12:30:08 +02:00
DL6ER
fbed99b338 Add static DHCP lease editing table fully synced with the advanced textarea below 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2025-07-15 11:55:29 +02:00
yubiuser
1fd924fcff Use label-primary for number of enabled list icon on sidebar 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-13 16:21:18 +02:00
yubiuser
fc01fb030e Fix tests 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-12 10:04:29 +02:00
sharkboots75
eb140af01a Make DNSSEC icon conditional in Queries Log 
Avoid emitting the DNSSEC icon in Domain column if DNSSEC is not being used/tracked

Signed-off-by: sharkboots75 <sharkboots75@gmail.com>
 2025-07-12 10:04:29 +02:00
yubiuser
41cdc9728c Show pointer only for clickable items 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-12 09:20:05 +02:00
yubiuser
a89fdda77e Only underline clickable legend items in pie charts 
Signed-off-by: yubiuser <github@yubiuser.dev>
 2025-07-12 09:10:34 +02:00
Adam Warner
353ba2f163 charts.js: refactor to reduce complexity, improve readability and per… (#3542) 2025-07-11 23:09:54 +01:00
Adam Warner
b90361cf41 interfaces: switch to vanilla JS and refactor code to reduce complexi… (#3544) 2025-07-11 18:51:00 +01:00
Adam Warner
014ce38f87 gravity: convert to vanilla JS and refactor code (#3545) 2025-07-11 18:48:19 +01:00
Adam Warner
acc8583f43 utils: modernize hex functions (#3546) 2025-07-11 18:42:41 +01:00