| Age | Commit message (Collapse) | Author |
|---|
|
Some devices offer a full LuCI interface from their recovery interface.
As it's read-only it should only be used for installing sysupgrades and
therefore warn users that no settings are saved.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
This calls striptags() on the hostname to prevent any XSS over the
hostname. This should fix CVE-2021-33425 as far as I understood it.
If someone adds some Javascript into system.@system[0].hostname it would
have been directly added to the page, this prevents the problem.
This can only be exploited by someone being able to modify the uci
configuration, normally a user with such privileges could also just
modify the webpage.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
It's been unmaintained for ages and became useless.
Better just limit regular luci-mod-admin to only show basic
functionality in case `ubus call system board` indicates we are running
off initramfs.
Singed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
Remove the reference to setting a password being linked to SSH capability.
(SSH has been initially enabled since year 2015.)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
Utilize the LuCI.ui.menu class to load, traverse and cache the menu tree
in the local session store.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Fixes: #3757
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Ref: #3563
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Extend the theme headers to include the translation string scripts,
allowing client side code to translate strings without server side
support.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This is useful to write page specific CSS rules.
Also fix a missing space in the body CSS class name in the bootstrap theme
while we're at it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Per the discussion in https://github.com/openwrt/luci/issues/869, make
luci-base sufficient to login, logout, and review and apply or revert
uci changes. This allows most luci-app-xxx to work without having
luci-mod-admin-full installed.
It has been tested with some apps and not luci-mod-admin-full, as well
as with luci-mod-admin-full (to make sure the usual case doesn't break).
Instead of creating a new module namespace (e.g. 'Base') we reduce the
opportunities for breakage by having luci-base take over the 'shell' of
the 'Administration' (admin/....) namespace.
Since admin is assumed by all current building LuCI components (including
Freifunk), this doesn't introduce the 'Administration' tab into any
situation where it would not already be present (but includes it where it
was before).
We also add a "Component not installed" page to avoid fatal errors and
backtrace when e.g. luci-mod-admin-full is not installed.
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
|
|
- Use native rpcd uci changes format instead of incompletely converting
back and forth between the old and the new format
- Rework uci changelog template to print the equivalent uci commands
for the various changes
- Rework theme headers to properly count the uncomitted changes
- Rework theme CSS to properly style new changelog
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Include cbi.js in the main header template like it is done for xhr.js and
remove the page specific includes.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- polish styling
- move main menu to the left for large resolutions and collapse into
dropdown header bar for small mobile resolutions
- make tables responsive by utilizing extra attributes to turn rows
into wrappable flexboxes for low resolutions
- mostly get rid of button icon references and use a uniform color
scheme for action-, positive, negative and neutral buttons
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Add new style classes required for status page changes, also drop old
Internet Explorer compatibility CSS.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Add a common CSS class name to the change indicator and modify the openwrt.org
theme to hide it when no changes are present, similar to all other themes.
This is needed for upcoming uci apply handling changes to be able to auto-hide
the indicator without page reload after an apply.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Instead of passing the full LuCI request url, pass the relative resolved
request path instead and filter the received value through the lookup()
dispatcher function to only allow paths to actual internal pages.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Florian Eckert <Eckert.Florian@googlemail.com>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
|
* Rename subdirectories to their repective OpenWrt package names
* Make each LuCI module its own standalone package
* Deploy a shared luci.mk which is used by each module Makefile
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
|
