summaryrefslogtreecommitdiffhomepage
path: root/modules/luci-base
AgeCommit message (Collapse)Author
2015-12-15Merge pull request #564 from cshore/pull-request-app-firewall-timedateJo-Philipp Wich
Pull request app firewall timedate
2015-12-15lib-nixio / luci-base: Fix for reading csrf token prevents file uploadDaniel Dickinson
The call to http.formvalue in order to read the csrf token causes _parse_input to be triggered *before* controllers and cbi maps have been built. This results in the failure of file uploads because the file handler is not yet in place when _parse_input gets called, and it is in _parse_input that POST data is parsed (including files). To fix this we add the ability to write file fields to temporary files (using mkstemp and unlink in nixio.file) and use this to store file data until the filehandler is registered, with a fallback to reading the file data into memory. Once the filehandler callback gets registered we iterate though all previously parsed (saved) files and copy the data to the file handler, and then close the temporary file (which finally removes because we unlinked after creating the file, but didn't close the file so unlink was deferred). Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-15validation: Add option ipv4only option to host and hostport datatypesDaniel Dickinson
Some applications only support ipv4 so add ipv4only option to host and hostport datatypes so that for thos applications that when an IP address is specified only and ipv4 ip address gets accepted.
2015-12-15modules/luci-base: Fix ipaddrport validator to support ipv6Daniel Dickinson
The previous versiono of ipaddrport validator only worked for ipv4 due to disallowing colons (:) in ip address which obvious fails for ipv6. We now instead allow either ipv4 address or an ipv6 address of the form [<ipv6address>]:port
2015-12-15luci-base: Make default for FileUpload 'safe'Daniel Dickinson
Some files and pointers to files are not safe to remove without a replacement file and config pointing to the file. For instance for uhttpd application in the works, removing the certificate or key config or files without having the replacements in places renders the WeUI inaccessible. The only other place where FileUpload is currently used is for wifi certificates for which the 'safe' handling is also preferred. Therefore make the default for the FileUpload widget the safe handling and add a property self.unsafeupload that allows for the old unsafe handling should it prove useful in some case. Also allow to specify a file already on router instead of uploading a file. Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-14applications: firewall: Add time and date for rules and redirectsDaniel Dickinson
UCI config for the firewall has the option of specifying time and date limitations; add these options the UI.
2015-12-14luci-base: Add time and data datatypes for use with firewall appDaniel Dickinson
Adding LuCI configuation of the firewall time and data uci options is in progress and this adds the necessary datatypes for validating those fields.
2015-12-12modules/luci-base: Move LuCI FileUpload directory to /etc/luci-uploads and ↵Daniel Dickinson
save across sysupgrade /lib/uci/upload is a rather odd place for configuration files Also the files were not saved across sysupgrade, which is somewhat counter-productive for configuration files. Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>
2015-12-09luci-base: rewrite luci.sys.net.conntrack()Jo-Philipp Wich
The new function is twice as fast as the old implementation and properly summarizes outgoing and incoming byte and packet counters. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-12-06i18n: sync translationsHannu Nyman
Sync translations. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-12-02luci-base: fix escaping lua string to js reprYousong Zhou
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2015-12-02luci-base: add hostport and ipaddrport validation typesJo-Philipp Wich
Add two new types 'hostport' and 'ipaddrport' to validate strings in the form 'sub.example.org:1234' and '0.0.0.0:80'. The 'hostport' accepts hostnames or IP addresses followed by a colon and a port number while the 'ipaddrport' type accepts numeric IP addresses only, followed by a colon and a port. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-12-02luci-base: Add function for shell single-quote parameter escapingDaniel Dickinson
When using os.execute or luci.sys.call the shell is called with the command line which means that standard shell interpretation of strings occurs. To allow to use these commands more easily we add functions for properly escaping single-quoted strings used on the command line
2015-11-26Merge pull request #534 from yousong/add-luci-proto-ppposshJo-Philipp Wich
Add luci proto pppossh
2015-11-21luci-base: use board.json to infer switch netdevJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-21luci-base: switch to luci-lib-jsoncJo-Philipp Wich
Add dependency on luci-lib-jsonc and use it to reimplement luci.util.serialize_json(). Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-17luci-base: eliminate use of uci state vars in luci.model.networkJo-Philipp Wich
Also implement :ipaddrs() and :ip6addrs() helper for network instances. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-16luci-base: fix uci documentation issue (#538)Jo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-11-03Redirect to root on empty pathJoel Pedraza
* Prevents an empty Location header * Useful in environments where build_url() could return an empty string (such as http server rewrites requests to /cgi-bin/luci) Signed-off-by: Joel Pedraza <github@saik0.net>
2015-11-03luci-base: add support for DynamicList with FileBrowserYousong Zhou
Two new arguments url, defpath were added to cbi_dynlist_init() for initializing the brower button. An example of usage identity = section:taboption("general", DynamicList, "identity", translate("List of SSH key files for auth")) identity.datatype = "file" Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2015-11-03luci-base: urlencode: encode all except unreserved characters.Yousong Zhou
As per http://tools.ietf.org/html/rfc3986#section-2.3 Characters that are allowed in a URI but do not have a reserved purpose are called unreserved. These include uppercase and lowercase letters, decimal digits, hyphen, period, underscore, and tilde. unreserved = ALPHA / DIGIT / "-" / "." / "_" / "~" Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2015-11-01template cbi/value.htm implement documented property maxlengthChristian Schoenebeck
template cbi/value.htm implement already documented property maxlength Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-31cbi.lua: Implement "readonly" property for "Value"Christian Schoenebeck
cbi.lua: Implement "readonly" property for "Value" Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-31template cbi/value.htm: add "readonly" propertyChristian Schoenebeck
template cbi/value.htm: add "readonly" property Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-30cbi.lua: Implement Flag.validate functionChristian Schoenebeck
cbi.lua - Implement Flag.validate function to be overwritable - rewritten if clause for easier reading ;-) Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2015-10-27Merge pull request #509 from neheb/masterHannu Nyman
resources/icons: Use gifsicle to save a few bytes.
2015-10-27luci-base: eliminiate use of uci state vars in luci.sysJo-Philipp Wich
Rewrite `luci.sys.wifi.getiwinfo()` to use the ubus wireless state instead of depreacated uci state vars in order to map abstract network notation to wireless ifnames. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-27Move libubus-lua dependency to luci-baseJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-22luci-base: dispatcher expose test_post_security()Jo-Philipp Wich
Allows external code to perform POST and token checking manually. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-base: ensure that base url is emitted with trailing slashJo-Philipp Wich
Now that we don't have an url token anymore, '/cgi-bin/luci' becomes a valid url while cookies are restricted to only '/cgi-bin/luci/' and below. In order to ensure that the first request after login refers to a path covered by the authentication cookie, change build_url() to always append a trailing slash if we're referring to the base url. This should fix the login problems mentioned in #516. While we're touching the dispatcher, also remove remaining url token code. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-21luci-base: remove security token from urlsJo-Philipp Wich
Now that sensitive urls require post requests and only accept them if a valid security token is sent along the request, we can drop the global random url token to improve LuCI usability. The main improvement is the ability to use multiple tabs with the same login session, but also deep linking to specific urls without the need for another login becomes feasible, e.g. for documentation purposes. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-base: filter invalid opkg status linesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-20luci-base: generalize post security token handlingJo-Philipp Wich
* Add a generic helper function to check need for post / csrf token validation * Remove custom token verification in cbi targets * Support requiring post security depending on specific submit parameters, usable through post_on() action Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-13i18n: Sync translationsHannu Nyman
Sync translations to the current strings. Changes in luci-app-ddns, luci-app-mjpg-streamer, luci-app-qos, luci-app-shadowsocks-libev, luci-app-statistics and luci-base Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-13luci-base: update i18n base templateHannu Nyman
Update i18n base template to match the current strings. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-12Timezone information: update to 2015gHannu Nyman
Changes in 2015g: http://mm.icann.org/pipermail/tz-announce/2015-October/000034.html Norfolk moves from +1130 to +1100 on 2015-10-04 at 02:00 local time. Fiji's 2016 fall-back transition is scheduled for January 17, not 24. Fort Nelson, British Columbia will not fall back on 2015-11-01. It has effectively been on MST (-0700) since it advanced its clocks on 2015-03-08. New zone America/Fort_Nelson. Note: the Turkey-related one-time rule change is not apparently catched by the zoneinfo2lua script, so that change is not included in this commit. (Turkey's 2015 fall-back transition is scheduled for Nov. 8, not Oct. 25.) Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-10-09resources/icons: Use gifsicle to save a few bytes.Mangix
Signed-off by: Rosen Penev <rosenp@gmail.com>
2015-10-08luci-base: prevent UCI changes in CBI if form is not in submit stateJo-Philipp Wich
Only process submitted data if the "cbi.submit" parameter is present as the dispatcher will verify the integrity of the CSRF token in this case. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-07Globally replace luci.dispatcher.build_url(...) with url(...) invocationsJo-Philipp Wich
Also concat multiple string arguments into one while we're at it. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-07luci-base: expose luci.dispatcher.build_url() as url() in templatesJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-07luci-base: protect simpleforms with CSRF tokensJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06luci-base: switch to POST action for service reloadJo-Philipp Wich
Switches the service reload calls to CSRF token protected POST action. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06luci-base: protect CBI forms with CSRF tokensJo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06luci-base: add support for POST-only actions with CSRF token checkJo-Philipp Wich
Add the dispatcher infrastructure to restrict certain routes to POST requests only in conjunction with verification of CSRF tokens. This is the first step to get rid of the CSRF token in the url in favor to tokens embedded in forms. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-06Globally convert headline anchors into name attributes.Jo-Philipp Wich
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-04Merge pull request #488 from hnyman/black-flashHannu Nyman
luci-base: change index.html to be more like current themes
2015-09-29resources/icons: Use ZopfliPNG to save 5.4 KBMangix
Signed-off by: Rosen Penev <rosenp@gmail.com>
2015-09-29luci-base: change index.html to be more like current themesHannu Nyman
Change index.html that is visible for a second when entering Luci: * Black text on white background (instead of white on black) * Specify font as Arial/Helvetica Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-09-18luci-base: set default mediaurlbase to bootstrap (current default theme)Hannu Nyman
The mediaurlbase option in the default /etc/config/luci still points to the old openwrt.org theme that is not installed by default. The discrepancy was noted in the commit message for 55ab4e4ce22 After 55ab4e4ce22 the installed theme's uci-defaults script will correct the setting at first boot, but we should not have a deprecated theme as the default value. Set the default value to the default theme 'bootstrap'. Related old discussion at #302 Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2015-09-17i18n/polish/base: changing form of the wordCezary Jackiewicz