* CORS was required to auth (bug) - fixed
* Logging defaults to the default lighttpd error log
* Overridable error log location to support alpine/nginx container or power users
* Put the repeated code into a include for sub/add, auth.php
* Error logs say what failed much better now
* VIRTUAL_HOST should theoretically allow custom hostnames for CORS
Previously had been checking Origin AND Host header, but we should not
check Host header... Removed Host check and only check if Origin header
is set, because otherwise CORS doesn't apply (could be a same-origin
request).
lighttpd suffers from the same same bug/feature apache does, it fills
SERVER_NAME in with the requested URL if connonical names and server
side server name is not configured. No thanks.
Nginx seems to have secure defaults.
If only Host was correct (FireFox and IE only set Host
for same-origin requests) then it would still use the
empty Origin header for the CORS response, leading to
`Access-Control-Allow-Origin: `
Both failed CORS as both browsers, unlike Chrome,
do not send `Origin` headers for same-origin requests.
Now the scripts check if the `Host` header equals
the IP of the Pi-hole. IE may require more fixing,
as it's IE. :P
Updates from using `whitelist.sh` and `blacklist.sh` to
using `pihole`. Currently includes sudo in command, but
after the scripts get updated with sudo checking that
should not be needed.
- Made favicon work across pages
- No longer needs root access to tee command, still needs root access for gravity.sh and whitelist.sh
- Added call to gravity.sh when you remove an item
- Moved header and footer into separate files
- Moved files from list into the main folder
- Got rid of extra dependencies from the old list setup
- Added home button to sidebar
- Renamed original whitelist to "Old Whitelist"
- Added buttons to sidebar for Whitelist and Blacklist
