| Age | Commit message (Collapse) | Author |
|---|
|
The zone forwarding list widget misleadingly displays the intra-zone
forwarding policy as default policy action when no forwardings exist
instead of the appropriate global defaults forwarding policy which is
the one applied to inter-zone forwarded traffic.
Fix the issue by displaying the defaults policy and not the per-zone
policy to match what the firewall implementation is actually doing.
Fixes: #2213
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
When creating a new zone through the firewall zone selector widget,
validate the given name before creating new items.
Depends on commit 0b6ae96f2 ("luci-base: cbi.js: recognize invalid
input in dropdown create field").
Fixes: #2211
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Rename "Apply unchecked" to "Apply anyway" for better clarity and update
the base translation files accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Move some common elements to luci-base, and otherwise make three
packages out of status, system, and network. They were mostly
separated already, but there were some shared elements between
status and network that are now in luci-base.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
|
|
Per the discussion in https://github.com/openwrt/luci/issues/869, make
luci-base sufficient to login, logout, and review and apply or revert
uci changes. This allows most luci-app-xxx to work without having
luci-mod-admin-full installed.
It has been tested with some apps and not luci-mod-admin-full, as well
as with luci-mod-admin-full (to make sure the usual case doesn't break).
Instead of creating a new module namespace (e.g. 'Base') we reduce the
opportunities for breakage by having luci-base take over the 'shell' of
the 'Administration' (admin/....) namespace.
Since admin is assumed by all current building LuCI components (including
Freifunk), this doesn't introduce the 'Administration' tab into any
situation where it would not already be present (but includes it where it
was before).
We also add a "Component not installed" page to avoid fatal errors and
backtrace when e.g. luci-mod-admin-full is not installed.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
|
|
Set a negative tabindex on the dummy password field to not break the form
tab order flow.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Mark the dummy input field as aria-hidden, should fix #2063.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This patch corrects "to get" to "to be" in apply_widget.htm
This shell command was used to find and make the change in
all impacted files:
find . -type f -exec sed -i 's/Waiting for configuration to get applied/Waiting for configuration to be applied/g' {} +
Signed-off-by: Gregory L. Dietsche <gregory.dietsche@cuw.edu>
|
|
Move the apply widget markup before the final </html> tag to avoid XHTML
errors with the OpenWrt theme.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Rework the apply confirmation mechanism to be session agnostic in order to
circumvent cross domain restrictions which prevent the JS code from issuing
apply confirm requests in some cases, e.g. when changing the LAN IP.
Confirmation calls may now be done from unauthenticated pages, as long as a
matching confirmation token is sent along with the request.
The reasoning behind this is that there is little security impact in
confirming pending apply sessions, especially since those sessions can only
be initiated while being authenticated.
After this change, LuCI will now launch a confirmation process on every
rendered page when a rollback is pending. The confirmation will happen
regardless of whether the user is logged in or not, or if the current page
is a CBI form or static template.
A confirmation request now also requires a random one-time token which is
rendered along with the confirmation JavaScript code in order to succeed.
This token is not meant to provide security but to ensure that the confirm
was triggered from an interactive browser session and not some background
HTTP requests that happened to end up in the admin ui.
As a consequence, the different apply/confirm/rollback code paths in CBI
maps and the UCI change/revert pages have been consolidated into one common
implementation residing in the common global theme agnostic footer template.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Also add a hidden type password field to prevent browser autocompleters
from entering the login passwords into fields liek the wireless WPA key
field.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Add a "data-description" attribute to CBI fields which have a description
set, this allows responsive design themes to render a field description
when decomposing the table grid.
Also reuse the precalculated "typename" property if it exists, instead of
deriving it from the template name yet again.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The previous refactoring of the template caused the row stripying CSS
classes to be interpolated in such a way, that a separating space to
previous CSS classes was missing, leading to not rendered row names
and other side effects.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- Make sure that hitting enter in the form hits the CBI save action and not
apply or cancel
- Hide action panel if no actions are available
- CLeanup code
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- Hide empty title and description rows
- Correct row striping offset
- Cleanup code
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- Ensure that pressing enter in the form triggers the submit action and
not a cbi skip or cancel
- Hide page actions when empty
- Cleanup code
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Some CBI map models, mainly the Network -> VLAN page, expect a valid
previous section ID in their Section:create() callback.
Previous refactoring of the tblsection markup broke this behaviour as
the "section" loop variable was accidentally localized, causing it to
be undefined outside of the loop body which caused the section add
button and name input fields to get rendered with a wrong "name"
attribute.
Fix this by moving the "section" variable declaration out of the loop
and by readding references to it in the non-anonymous section add case.
Fixes FS#1657
Fixes 002c4d1d5 ("luci-base: add "Name" label to autogenerated title column")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- Fix button styles in failure message
- Pause XHR polling during apply/rollback sessions
- Throttle confirm requests to 1 request/second
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Commit c0de036b3 ("treewide: always include cbi.js") improperly removed the
cbi.js script include from header.htm, leaving behind the string dictionary.
Move the JSON dictionary to the parent <form> element and delete the
leftover </script> element.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Include cbi.js in the main header template like it is done for xhr.js and
remove the page specific includes.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- add responsive attributes to partial cbi templates
- unify and fix button style classes
- fix styling of sysauth dialog
- rework firewall_zoneforwards widget
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Also switch the weekday and monthday lists in the firewall rule details to
cbi dropdowns, vastly uncluttering the form.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This commit introduces the required code for a new, markup based dropdown
widget which can be used as a styleable alternative to select boxes or
radio/checkbox button groups.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
After applying uci configuration, a full map reload is required in many
cases as the anonymous section identifiers might have been rehashed, causing
the rendered map to go out of sync.
To avoid that, add both a full page overlay preventing further page
interaction and let the apply widget forcibly reload the current view once
the operation is complete.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Mostly convert HTML tables to div based markup to allow for easier styling
in the future. Also change JS accessor code accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Switch to rpcd based uci apply/rollback workflow which helps to avoid soft-
bricking devices by requiring an explicit confirmation call after config
apply.
When a user now clicks "Save & Apply", LuCI first issues a call to uci apply
which commits and reloads configuration, then goes into a polling countdown
mode where it repeatedly attempts to call uci confirm.
If the committed configuration is sane, the confirm call will go through and
cancel rpcd's pending rollback timer.
If the configuration change leads to a loss of connectivity (e.g. due to bad
firewall rules or similar), the rollback mechanism will kick in after the
timeout and revert configuration files and pending changes to the pre-apply
state.
In order to cover such rare cases where a lost of connectivity is expected
and desired, the user is offered an "unchecked" apply option after timing
out, which allows committing and applying the changes anyway, without the
extra safety checks.
As a consequence of this change, the luci-reload mechanism is now completely
unsused since rpcd uses ubus config reload signals to reload affected
services, which means that only procd-enabled services will receive proper
reload treatment with the new workflow.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This reverts commit 52cf265c9d12537d5f37043350328d30ca11bab4.
I accidentally committed unrelated changes.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Instead of attempting to access the request environment directly (which does
not work anyway using the CGI SGI), use the already sanitized
dispatcher.context.request property to print out the not found url.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Prevent various XSS vectors by not interpolating field and path values
verbatim into script and html contexts.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Switch from using the REQUEST_URI CGI variable directly to the canonicalized
FULL_REQUEST_URI property.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
luci-app-firewall/luci-base/luci-mod-admin-full: some fixes and improvements
|
|
* fix for #1667, tested with all standard themes
Signed-off-by: Dirk Brenken <dev@brenken.org>
|
|
If cbi_init() is not called first browser gif will not be found.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
luci-base: view: make checkboxes and radio buttons styleable
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Add an empty, normally invisible label after checkboxes and radio buttons
with cbi-input-{checkbox,radio} classes to allow CSS styling them as
suggested on http://www.paulund.co.uk/style-checkboxes-with-css
Signed-off-by: Nils Schneider <nils@nilsschneider.net>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
