diff options
| author | Jo-Philipp Wich <jo@mein.io> | 2018-04-05 22:37:37 +0200 |
|---|---|---|
| committer | Jo-Philipp Wich <jo@mein.io> | 2018-04-05 23:03:01 +0200 |
| commit | 731ed77c0bbee7004a6b5645d9a8592a76748a1c (patch) | |
| tree | 682ae002e3459c55d5a66724c11e74507e71ea94 /themes | |
| parent | 7b04d0bbcf0f34393f20ccad8884a67fea9e2863 (diff) | |
treewide: improve handling of page redirections in uci change views
Instead of passing the full LuCI request url, pass the relative resolved
request path instead and filter the received value through the lookup()
dispatcher function to only allow paths to actual internal pages.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'themes')
4 files changed, 4 insertions, 4 deletions
diff --git a/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm b/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm index 78b98e0355..0441c9583e 100644 --- a/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm +++ b/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm @@ -147,7 +147,7 @@ if ucichanges > 0 then write('<a class="label notice" href="%s?redir=%s">%s: %d</a>' %{ url(category, 'uci/changes'), - http.urlencode(http.formvalue('redir') or REQUEST_URI), + http.urlencode(http.formvalue('redir') or table.concat(disp.context.request, "/")), translate('Unsaved Changes'), ucichanges }) diff --git a/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm b/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm index 342a9d4088..8185655285 100644 --- a/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm +++ b/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm @@ -205,7 +205,7 @@ if tree.nodes[category] and tree.nodes[category].ucidata then -%> <div id="savemenu"> <% if ucic > 0 then %> - <a class="warning" href="<%=controller%>/<%=category%>/uci/changes/?redir=<%=http.urlencode(http.formvalue("redir") or REQUEST_URI)%>"><%:Unsaved Changes%>: <%=ucic%></a> + <a class="warning" href="<%=controller%>/<%=category%>/uci/changes/?redir=<%=http.urlencode(http.formvalue('redir') or table.concat(disp.context.request, "/"))%>"><%:Unsaved Changes%>: <%=ucic%></a> <% end -%> </div> <% end %> diff --git a/themes/luci-theme-material/luasrc/view/themes/material/header.htm b/themes/luci-theme-material/luasrc/view/themes/material/header.htm index d84fd278a2..be7b9ffb85 100644 --- a/themes/luci-theme-material/luasrc/view/themes/material/header.htm +++ b/themes/luci-theme-material/luasrc/view/themes/material/header.htm @@ -172,7 +172,7 @@ if ucichanges > 0 then write('<a class="label notice" href="%s?redir=%s">%s: %d</a>' %{ url(category, 'uci/changes'), - http.urlencode(http.formvalue('redir') or REQUEST_URI), + http.urlencode(http.formvalue('redir') or table.concat(disp.context.request, "/")), translate('Unsaved Changes'), ucichanges }) diff --git a/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm b/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm index ae348f3856..d6db8e885e 100644 --- a/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm +++ b/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm @@ -104,7 +104,7 @@ if ucic > 0 then write('<a class="warning" href="%s?redir=%s">%s: %d</a>' %{ url(category, 'uci/changes'), - http.urlencode(http.formvalue('redir') or REQUEST_URI), + http.urlencode(http.formvalue('redir') or table.concat(disp.context.request, "/")), translate('Unsaved Changes'), ucic }) |