Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-04-23 02:09:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,239 Commits 23 Branches 114 Tags
cd887a2c32717f2917f49e4eae8a1ea743292f68
Commit Graph

1056 Commits

Author SHA1 Message Date
yubiuser
7f13dda4a8 Fix regex 
Signed-off-by: yubiuser <ckoenig@posteo.de>
 2021-09-21 19:59:24 +02:00
yubiuser
2d41191ac3 Lift prefix limitaion for --rev-server 
Signed-off-by: yubiuser <ckoenig@posteo.de>
 2021-09-21 09:25:31 +02:00
a1346054
26f0203137 Trim excess whitespace 
Signed-off-by: a1346054 <36859588+a1346054@users.noreply.github.com>
 2021-09-15 21:23:01 +00:00
a1346054
48c63c0a0b Fix spelling 
Signed-off-by: a1346054 <36859588+a1346054@users.noreply.github.com>
 2021-09-15 21:22:59 +00:00
a1346054
7517028c64 Add final newline 
Signed-off-by: a1346054 <36859588+a1346054@users.noreply.github.com>
 2021-09-15 21:22:56 +00:00
yubiuser
e0ba6ded2a Address review comments 
Signed-off-by: yubiuser <ckoenig@posteo.de>
 2021-09-12 19:42:34 +02:00
yubiuser
9aaa45a034 Add delete button to message table 
Signed-off-by: yubiuser <ckoenig@posteo.de>
 2021-09-12 19:41:15 +02:00
yubiuser
3889c0733f Add forgotton target _blank 
Signed-off-by: yubiuser <ckoenig@posteo.de>
 2021-09-12 12:30:45 +02:00
Adam Warner
2e9bb78472 Merge pull request #1882 from pi-hole/master 
Sync Master back to Dev
 2021-09-11 22:39:57 +01:00
DL6ER
438c5be2f3 Merge pull request #1854 from pi-hole/XhmikosR-patch-1 
footer.php: move FTL before Web Interface
 2021-09-11 22:01:02 +02:00
Adam Warner
25df783378 Apply htmlentities in a couple of places to prevent xss 
Co-authored-by: wtwver <wtwver@users.noreply.github.com>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2021-09-11 20:03:05 +01:00
Adam Warner
cf8602eedd set httponly to true when calling setcookie. the ini_set option above doesn't actually seem to do anything... (but not removing it just in case 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2021-09-11 19:36:18 +01:00
Adam Warner
a7ec9510b5 re-implement fix introduced in 1664090a01 
Release v5.5.1 (based on `master`) has fixed this in `savesettings.php`, but the functionality has since been moved to `func.php` in `devel`, and so the fix needs applying here, too.

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2021-08-04 20:44:20 +01:00
Adam Warner
647eba40d3 Merge branch 'release/v5.6' into devel 2021-08-04 20:32:59 +01:00
Adam Warner
dacdb3d72c Merge pull request #1857 from pi-hole/master 
Sync Master -> Dev
 2021-08-04 20:21:44 +01:00
Adam Warner
7aa8057df7 Merge pull request from GHSA-5cm9-6p3m-v259 
Fix (Authenticated) Remote Code Execution Possible in Web Interface 5.5
 2021-08-04 18:13:35 +01:00
Adam Warner
8066069a1f Prevent arbritary js code from beign returned from the database 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2021-08-04 17:29:57 +01:00
XhmikosR
26ec74a75a footer.php: move FTL before Web Interface 
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
 2021-07-31 21:13:01 +03:00
DL6ER
559150bb1f Fix inverse logic when adding domains on the group management pages. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-07-25 19:03:34 +02:00
DL6ER
03920e3595 Move validation functions into func.php and use the same validation in all cases. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-07-25 16:59:16 +02:00
Adam Warner
68034029b7 Merge pull request #1822 from adyanth/devel 
Adding CORS support via environment variable
 2021-07-04 11:49:01 +01:00
Adam Warner
f229e4fcc9 Merge pull request #1832 from kthchew/safari-15 
Improve `theme-color` and `background-color` for different themes
 2021-07-04 01:51:32 +01:00
Adam Warner
1664090a01 Escape . in regex for validDomainWildcard to ensure malicious commands cannot be passed to the function 
bonus, removed some trailing whitespace on line 30

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
 2021-06-23 17:34:43 +01:00
DL6ER
a2c64d6d19 Merge pull request #1836 from AlexLamond/auto-darkmode 
Added the option for an automatic dark mode based on the device status
 2021-06-22 16:15:51 +02:00
Alex L
57a5518c23 Update scripts/pi-hole/php/theme.php 
Corrected naming conventions for files and theme name

Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
Signed-off-by: Alex Lamond <9060360+AlexLamond@users.noreply.github.com>
 2021-06-22 12:52:24 +02:00
AlexLamond
5538af20b8 Added the option for an automatic dark mode based on the device status 
Signed-off-by: = <9060360+AlexLamond@users.noreply.github.com>
Signed-off-by: Alex Lamond <9060360+AlexLamond@users.noreply.github.com>
 2021-06-22 12:52:24 +02:00
Kenneth Chew
2f3f4e6056 Adapt theme-color and background-color for different themes 
Signed-off-by: Kenneth Chew <kenneth.c0@protonmail.com>
 2021-06-19 01:02:53 -04:00
Adyanth H
5331620b71 Change tabs to spaces 
Signed-off-by: Adyanth H <33192449+adyanth@users.noreply.github.com>
 2021-06-16 10:42:13 +05:30
Adyanth H
23364cfc55 Adding CORS support via environment variable 
Signed-off-by: Adyanth H <33192449+adyanth@users.noreply.github.com>
 2021-06-07 16:19:04 +05:30
Sean F Quinn
774f95f3fa Fixes pi-hole/AdminLTE#1796 
Signed-off-by: Sean F Quinn <sean@esqew.com>
 2021-05-06 14:02:09 -04:00
DL6ER
ca71bc8df8 Check if we can get a host name from the database when looking up the MAC address of this client instead 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-04-29 09:28:12 +02:00
Dylan Sealy
4fc8f283f6 Password autocompletion 
Signed-off-by: Dylan Sealy <66305635+DylanSealy@users.noreply.github.com>
 2021-04-21 22:38:51 +02:00
Adam Warner
5435945f29 Merge pull request #1759 from Yrlish/patch-1 
Trim CNAME target input field value data
 2021-04-12 20:28:08 +01:00
Dennis Alexandersson
93464cb9bf Trim CNAME target input field value data 
Signed-off-by: Dennis Alexandersson <dennis@alexandersson.xyz>
 2021-03-06 10:00:32 +01:00
DL6ER
1195920211 Merge pull request #1731 from pi-hole/fix/dark_theme_links 
Add Pi-hole darker theme
 2021-02-28 17:00:52 +01:00
Will Cooke
b69e774bf3 Simple typo fix: static release -> static lease. 
Signed-off-by: Will Cooke <will@whizzy.org>
 2021-02-27 15:02:52 +00:00
Jean-Philippe Doyle
854dab6204 Add update command & documentation link 
Signed-off-by: Jean-Philippe Doyle <jeanphilippe.doyle@hooktstudios.com>
 2021-02-25 00:10:47 -05:00
DL6ER
6a4634c185 Merge pull request #1742 from pi-hole/master 
Sync master back to devel
 2021-02-17 11:02:11 +01:00
Jonny Bolton
590749b7eb Typo fixed in save settings 
Signed-off-by: Jonny Bolton <jonnybolton@gmail.com>
 2021-02-16 17:39:39 +00:00
DL6ER
1b3cfb66ee Add new Pi-hole 'default-darker' theme 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-02-05 08:00:23 +01:00
DL6ER
64b36564c5 Regenerate session ID on successful login to prevent session fixation 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-02-03 14:37:58 +01:00
DL6ER
d4e46df28e Prevent javascript XSS attacks aimed to steal the session ID 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-02-03 14:18:29 +01:00
DL6ER
22d7df9116 Properly escape possible user-input 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-02-03 14:18:06 +01:00
DL6ER
d065328eb1 Merge branch 'devel' into new/OTHER_types 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2021-01-15 05:52:16 +01:00
Adam Warner
136006b1ee Merge pull request #1675 from pi-hole/new/SVCB_HTTPS 
Add SVCB and HTTPS types
 2021-01-13 21:15:12 +00:00
Adam Warner
952c1572f5 Merge pull request #1683 from mdujava/basic_auth 
Url of adlist can contain userinfo (basicauth)
 2021-01-13 20:41:50 +00:00
Adam Warner
509a082d02 Update scripts/pi-hole/php/groups.php 2021-01-13 20:40:04 +00:00
DL6ER
012116a58d Merge pull request #1672 from pi-hole/fix/groups_backend 
Bugfix allowing to effectively set empty domain/client/adlist groupsets
 2021-01-13 21:28:20 +01:00
Matej Dujava
c09263b926 Adlist can contain userinfo (basicauth) 
Web side of fix https://github.com/pi-hole/pi-hole/pull/3912

Signed-off-by: Matej Dujava <mdujava@kocurkovo.cz>
 2021-01-05 19:54:28 +01:00
DL6ER
9b19104ae6 Merge pull request #1654 from buchwasa/phpstan-fixes 
Fixes in func.php from phpstan
 2020-12-31 11:59:23 +01:00