summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2015-11-03Redirect to root on empty pathJoel Pedraza
* Prevents an empty Location header * Useful in environments where build_url() could return an empty string (such as http server rewrites requests to /cgi-bin/luci) Signed-off-by: Joel Pedraza <github@saik0.net>
2015-11-01Merge pull request #532 from chris5560/masterChristian Schoenebeck
documentation/CBI.md fixed markdown formating
2015-11-01documentation/CBI.md fixed markdown formatingChristian Schoenebeck
CBI.md: fixed markdown formating ModulesHowTo.md: fixed to make link inside CBI.md work. Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-11-01Merge pull request #528 from nmav/no-vpnChristian Schoenebeck
ocserv: removed unnecessary option and add proxy arp option
2015-11-01Merge pull request #531 from chris5560/masterChristian Schoenebeck
template cbi/value.htm implement documented property maxlength
2015-11-01template cbi/value.htm implement documented property maxlengthChristian Schoenebeck
template cbi/value.htm implement already documented property maxlength Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-11-01Merge pull request #529 from chris5560/masterChristian Schoenebeck
cbi: Implement "readonly" property for "Value"
2015-11-01ocserv: added proxy arp optionNikos Mavrogiannopoulos
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2015-11-01luci-app-ocserv: removed unecessary optionNikos Mavrogiannopoulos
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2015-10-31cbi.lua: Implement "readonly" property for "Value"Christian Schoenebeck
cbi.lua: Implement "readonly" property for "Value" Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-31template cbi/value.htm: add "readonly" propertyChristian Schoenebeck
template cbi/value.htm: add "readonly" property Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-31Merge pull request #526 from chris5560/masterChristian Schoenebeck
cbi.lua: Implement Flag.validate function
2015-10-30cbi.lua: Implement Flag.validate functionChristian Schoenebeck
cbi.lua - Implement Flag.validate function to be overwritable - rewritten if clause for easier reading ;-) Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-29luci-app-voice-core and -diag: mark brokenHannu Nyman
Mark luci-app-voice-core and luci-app-voice-diag @BROKEN as their only functionality is to create menu structure to be filled by items from luci-app-diag-devinfo, which is currently broken due to missing dependencies. References: Initial commit creating all three packages: https://github.com/openwrt/luci/commit/820f11932f548182ebb32704e1df83b78e69b19e Explanation why luci-app-diag-devinfo is currently broken: https://github.com/openwrt/luci/commit/ec6ccf1cd3225b51b958b38c7439f1dea8c28457 If luci-app-diag-devinfo gets its dependencies fixed, these two voice packages might be re-activated. Combining the three packages would increase clarity. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-28luci-app-firewall: limit zone name length to 11 charactersHannu Nyman
Change the maximum length of a firewall zone name from 14 to 11 characters. Longer names break iptables rule generation (max. 29 chars are allowed). XT_EXTENSION_MAXNAMELEN = 29 29 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0") = 11 References to: https://github.com/openwrt/luci/issues/507 https://dev.openwrt.org/ticket/20380 Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-28Merge pull request #494 from ollie27/stringsHannu Nyman
fix string "UPNP" -> "UPnP"
2015-10-28fix string "UPNP" -> "UPnP"Oliver Middleton
Signed-off-by: Oliver Middleton <olliemail27@gmail.com>
2015-10-27Merge pull request #509 from neheb/masterHannu Nyman
resources/icons: Use gifsicle to save a few bytes.
2015-10-27luci-base: eliminiate use of uci state vars in luci.sysJo-Philipp Wich
Rewrite `luci.sys.wifi.getiwinfo()` to use the ubus wireless state instead of depreacated uci state vars in order to map abstract network notation to wireless ifnames. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-27Add link to API referenceJo-Philipp Wich
2015-10-27Move libubus-lua dependency to luci-baseJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-27luci-app-diag-devinfo: mark broken due to dependenciesHannu Nyman
Mark luci-app-diag-devinfo @BROKEN as it has several failing dependencies: Four dependencies from "oldpackages": httping, mac-to-devinfo, smap-to-devinfo, netdiscover-to-devinfo One dependency from "abandoned": smap (netdiscover is currently ok in trunk, but not in 15.05.) Reference to Luci issue #523. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-25luci-app-statistics: Adjust ping graphs to show target hosts separatelyHannu Nyman
Ping statistics plugin allows the user to define multiple ping targets. The graphs have so far shown multiple hosts in a stacked way. Adjust graphs to show the target hosts separately (overlay=true). Clarify the plugin definition with some additional line spacing. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-25luci-app-statistics: improve scaling of the associated stations graphHannu Nyman
Improve scaling of the associated stations graph on the wireless page. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-24Merge pull request #522 from LuttyYang/masterHannu Nyman
luci-theme-material: fix some style bugs
2015-10-24luci-theme-material: fix some style bugsLutty Yang
Signed-off-by: Lutty Yang <lutty@wcan.in>
2015-10-23Merge pull request #521 from LuttyYang/masterHannu Nyman
luci-theme-material: Synchronized to the LUCI version f9e590a
2015-10-23Revert "luci-theme-material: do not infer login state from url (#520)"Hannu Nyman
This reverts commit f9e590aa4741bf337029be3f374a33543cc3f37b in order to enable a clean merge of the PR #521 from the theme author. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-23luci-theme-material: try find current position by using lua codeLutty Yang
thanks for jow Signed-off-by: Lutty Yang <lutty@wcan.in>
2015-10-23luci-theme-material: Synchronized to the LUCI version f9e590aLutty Yang
Signed-off-by: Lutty Yang <lutty@wcan.in>
2015-10-22luci-theme-material: do not infer login state from url (#520)Jo-Philipp Wich
Checking for `;` in the url is no good indicator whether a user is logged in, instead query the dispatcher and set a `logged-in` CSS class on the `<body>` element if a session exists. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-22luci-mod-admin-full: fix invalid markup in packages.htm (#518)Jo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-22luci-mod-admin-full: restructure and fix backup, restore and sysuprade (#517)Jo-Philipp Wich
Do not use standard post security checking for actions that require file upload since reading the token value will trigger parsing of the http message body before the file upload handler has been set, which causes LuCI to buffer the entire request body in memory. In order to simplify the code and logic flow, split action_flashops() into separate handlers for reset, backup, restore and sysupgrade. Let the backup restore and sysupgrade handlers use the new test_post_security() method in luci.dispatcher to perform token checking *after* setting the upload handler. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-22luci-base: dispatcher expose test_post_security()Jo-Philipp Wich
Allows external code to perform POST and token checking manually. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-base: ensure that base url is emitted with trailing slashJo-Philipp Wich
Now that we don't have an url token anymore, '/cgi-bin/luci' becomes a valid url while cookies are restricted to only '/cgi-bin/luci/' and below. In order to ensure that the first request after login refers to a path covered by the authentication cookie, change build_url() to always append a trailing slash if we're referring to the base url. This should fix the login problems mentioned in #516. While we're touching the dispatcher, also remove remaining url token code. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-mod-admin-full: do not access dispatcher.context.urltoken in logoutJo-Philipp Wich
The urltoken table is going to be removed. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-base: remove security token from urlsJo-Philipp Wich
Now that sensitive urls require post requests and only accept them if a valid security token is sent along the request, we can drop the global random url token to improve LuCI usability. The main improvement is the ability to use multiple tabs with the same login session, but also deep linking to specific urls without the need for another login becomes feasible, e.g. for documentation purposes. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-app-upnp: protect lease delete call with csrf tokenJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-app-splash: protect admin status call with csrf tokenJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-app-radicale: protect start/stop actions with csrf tokenJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-app-privoxy: protect start/stop actions with csrf tokenJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-app-ocserv: protect disconnect action with csrf tokenJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-app-ddns: protect start/stop actions with csrf tokenJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-mod-admin-full: protect iptables counter reset and restart with tokenJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-mod-admin-full: protect network post actions with csrf tokensJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-base: filter invalid opkg status linesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-mod-admin-full: protect clock, flash and opkg ops with submit tokenJo-Philipp Wich
* Use post_on() target to require csrf token verification for modifying actions * Ensure that package and flash operation handlers guard modifying operations with parameter check Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-base: generalize post security token handlingJo-Philipp Wich
* Add a generic helper function to check need for post / csrf token validation * Remove custom token verification in cbi targets * Support requiring post security depending on specific submit parameters, usable through post_on() action Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-13Merge pull request #513 from LuttyYang/masterHannu Nyman
luci-theme-material: PR from Version 0.2.11
2015-10-13luci-theme-material: PR from Version 0.2.11Lutty Yang
Signed-off-by: Lutty Yang <lutty@wcan.in>