| Age | Commit message (Collapse) | Author |
|---|
|
Ensure that the (table) length of a file upload value has nonzero length
by initializing the first table index with the file name.
This fixes tests in the form
x = luci.http.formvalue(...)
if x and #x > 0 then ... end
Fixes #1763.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Depends on 5ef51b2ab ("lucihttp: update to latest HEAD").
Fixes #1755.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Ship an ACL definition for granting full read/write access to uci
configuration files via ubus rpc. This is a precondition for enabling
uci session isolation later on.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Restore the old luci.http behaviour of converting repeated POST params into
single tables holding all values instead of letting each repeated parameter
overwrite the value of the preceeding one.
Fixes, among other things, the handling of CBI dynamic list values.
Fixes #1752
Fixes 59dea0230 ("luci-base: switch to lucihttp based POST data processing")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Introduce luci.model.uci.set_session_id() and luci.model.uci.get_session_id()
to set and get the effective session ID respectively.
When a session ID is set, it is sent as `ubus_rpc_session` attribute to rpcd,
causing it to use per-session change directories, isolating LuCI changes from
the global system uci state.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
LuCI itself now uses ubus calls to interact with uci configuration while
the remaining direct libuci-lua users have been updated to either depend
on the binding library or to use luci.model.uci.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Also adjust the dependencies of components depending on these classes and
flatten the namespace from luci.http.protocol.* to luci.http.*
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
With only the decoder routines remaining in luci.http.protocol, it makes no
sense to keep the low level protocol class around, so fold the remaining code
into the central luci.http class.
Also adjust the few direct users of luci.http.protocol accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- Rewrite getcookie() to use liblucihttp header value parsing
- Rewrite setfilehandler() to use local variables and have cleaner code
- Fix build_querystring() to actually *en*code the given params
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The dtable() function has no user in the entire LuCI repo, so drop it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This reverts commit ad7dc4a4928e77ae142d0fe040f9e9e64b530e82.
Since we're using liblucihttp now, that library is the appropriate place to
add such decoding helper functions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Use the liblucihttp provided multipart and x-www-urlencoded body parsers
and drop the old Lua parsing code.
The C based data parsers are way faster than their old Lua counterparts
while producing less string garbage and more correct results.
While refactoring the luci.http.protocol code, also drop unused functions
and dead code, heavily reducing the module size.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Drop the Lua implementation in luci.http.protocol and use the optimized C
variants of liblucihttp instead.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Zheng Qian <sotux82@gmail.com>
|
|
* sync translations
* clean-up old strings from adblock
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
luci-mod-admin-full: limit dns cachesize to 10000
|
|
This 404 error template rendering has been broken for a long time due to bad
function environment level in luci.template when invoking the rendering from
the toplevel dispatcher context.
Fix this issue by adding a local function indirection, essentially adding an
additional stack frame.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Instead of attempting to access the request environment directly (which does
not work anyway using the CGI SGI), use the already sanitized
dispatcher.context.request property to print out the not found url.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
It is possible to inject unescaped markup using a double encoded null byte
via PATH_INFO on certain leaf nodes.
Since there is no legitimate reason to handle null bytes in any part of the
requested url, simply skip over such bytes when parsing the PATH_INFO value.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The C implementations of urlencode and urldecode are considerably faster
than their current Lua counterparts.
On an AMD Geode system, the C variant is up to ten times faster when
decoding strings and up to four times faster when encoding them.
The functions are also designed to only allocate new strings when any
actual changes are required, otherwise they reuse the existing input
strings, reducing the overal memory usage somewhat.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The value of cachesize is hardcoded to 10000 in
dnsmasq-2.79/src/option.c to 10000 max
case 'c': /* --cache-size */
{
int size;
if (!atoi_check(arg, &size))
ret_err(gen_err);
else
{
/* zero is OK, and means no caching. */
if (size < 0)
size = 0;
else if (size > 10000)
size = 10000;
daemon->cachesize = size;
}
break;
}
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
|
|
In the case of more powerful routers the default
cachesize value == 150 is too small and can easily
be extended to 1,000's and 10,000's of entries.
It makes sense to make it easy configurable.
Tested on Netgear R7800
Signed-off-by: Marc Benoit <marcb62185@gmail.com>
Fix whitespace, edit the proposed help text.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
The cbi class will react on an empty "cbi.submit" parameter as well so we
must intercept GET requests using that too.
Fixes 186e690c0 ("luci-base: dispatcher: reject non-POST requests with any cbi.submit value")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Update timezone data to 2018d
http://mm.icann.org/pipermail/tz-announce/2018-March/000049.html
In 2018, Palestine starts DST on March 24, not March 31.
Adjust future predictions accordingly.
Casey Station in Antarctica changed from +11 to +08
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Properly propagate the config parameter to the foreach iterator in order
to fix get_first() lookups.
Fixes #1734.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Prevent various XSS vectors by not interpolating field and path values
verbatim into script and html contexts.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This fixes issues dicovered by check-controllers.sh
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This fixes issues dicovered by check-controllers.sh
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Introduce a get_state() function which can be used to access legacy
uci state variables. This is usually not needed anymore but some
packages (mainly mwan3) still rely on this.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Make the hint message more explicit to tell users that the prefix size needs
to be specified as well.
Fixes #1559.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- Use the ubus session.login procedure to authenticate credentials
- Fix testing of allowed usernames
- Support authentication via sysauth cookie
Fixes #1300, #1700, #1711
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Fixes #1725
Fixes 731ed77c0 ("treewide: improve handling of page redirections in uci change views")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Prevent reflected XSS through the reset button by url encoding the
display parameter.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Instead of passing the full LuCI request url, pass the relative resolved
request path instead and filter the received value through the lookup()
dispatcher function to only allow paths to actual internal pages.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The lookup function takes multiple, possibly malformed path fragments,
splits them on slashes, constructs a temporary path and looks up the
result in the dispatch tree.
If a matching node has been found, the function will return both the
node reference and the canonical url to it.
If no corresponding node is found, the function returns nil.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
luci-base/network.lua: fix get_interface function
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Introduce a new function luci.util.shellquote() which encloses the given
string argument in single quotes and escapes any embedded single quote
characters.
This function is intended to be used when interpolating untrusted input
into shell commands.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Due to the fact that luci.model.cbi reacts on any "cbi.submit" value while
the dispatcher only required POST for cbi.submit == 1, the CSRF token
protection could be bypassed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Switch from using the REQUEST_URI CGI variable directly to the canonicalized
FULL_REQUEST_URI property.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Introduce a new template property FULL_REQUEST_URI which returns the full
canonicalized request URL built from SCRIPT_NAME, PATH_INFO and QUERY_STRING.
This new property is safer to use compared to using the raw REQUEST_URI CGI
environment variable directly as this value is essentially untrusted user
input which may contain embedded escaped slashes, double forward slashes and
other oddities allowing XSS exploitation or request redirection.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Some applications, e.g. dnsmasq, do not allow hostnames starting with an
underscore, therefor extend the existing hostname datatype validator with
a `strict` which disallows a leading underscore.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Switch luci.model.uci to use ubus uci calls instead of driving libuci-lua
directly.
This prepares support for more advanced features such as per-session change
isolation and configuration rollback on errors.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Qian Zheng <sotux82@gmail.com>
|
