From e440144d5693eee6858151e8e52b98b594069265 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Tue, 6 Oct 2015 22:29:07 +0200 Subject: luci-mod-admin-full: switch to POST actions for UCI changes Switches UCI apply/revert/save to CSRF token protected POST actions. Signed-off-by: Jo-Philipp Wich --- modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua | 8 ++++---- modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm | 11 +++++++---- 2 files changed, 11 insertions(+), 8 deletions(-) (limited to 'modules') diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua index 6de3c73a3..9c33d9c18 100644 --- a/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua +++ b/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua @@ -1,5 +1,5 @@ -- Copyright 2008 Steven Barth --- Copyright 2010 Jo-Philipp Wich +-- Copyright 2010-2015 Jo-Philipp Wich -- Licensed to the public under the Apache License 2.0. module("luci.controller.admin.uci", package.seeall) @@ -10,9 +10,9 @@ function index() entry({"admin", "uci"}, nil, _("Configuration")) entry({"admin", "uci", "changes"}, call("action_changes"), _("Changes"), 40).query = {redir=redir} - entry({"admin", "uci", "revert"}, call("action_revert"), _("Revert"), 30).query = {redir=redir} - entry({"admin", "uci", "apply"}, call("action_apply"), _("Apply"), 20).query = {redir=redir} - entry({"admin", "uci", "saveapply"}, call("action_apply"), _("Save & Apply"), 10).query = {redir=redir} + entry({"admin", "uci", "revert"}, post("action_revert"), _("Revert"), 30).query = {redir=redir} + entry({"admin", "uci", "apply"}, post("action_apply"), _("Apply"), 20).query = {redir=redir} + entry({"admin", "uci", "saveapply"}, post("action_apply"), _("Save & Apply"), 10).query = {redir=redir} end function action_changes() diff --git a/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm b/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm index 865780ff0..c3373604f 100644 --- a/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm +++ b/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm @@ -1,6 +1,6 @@ <%# Copyright 2008 Steven Barth - Copyright 2008 Jo-Philipp Wich + Copyright 2008-2015 Jo-Philipp Wich Licensed to the public under the Apache License 2.0. -%> @@ -25,15 +25,18 @@ <% end %>
-
+ + " />
-
+ + " />
-
+ + " />
-- cgit v1.2.3