frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00
Code Issues Releases Wiki Activity
1,485 Commits 4 Branches 54 Tags 26 MiB
9faa98dd51
Commit Graph

1485 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bill Zimmerman
6286595898
Merge pull request #369 from glaszig/fix/arp-speed 
speed up dashboard
 2019-08-09 18:02:54 +02:00
Bill Zimmerman
b878e87cae
Merge pull request #371 from glaszig/ui/layout-fixes 
layout improvements
 2019-08-09 16:34:14 +02:00
glaszig
916072f7fd bootstrap panel-footer goes directly after panel-body 
https://getbootstrap.com/docs/3.3/components/#panels-footer
 2019-08-09 16:21:58 +02:00
billz
165b9865cf Apply service-status to theme 2019-08-08 22:14:21 +01:00
billz
97efe3a516 Update unstyled elements 2019-08-08 22:07:05 +01:00
Bill Zimmerman
a00f1be009
Merge pull request #366 from glaszig/feature/improved-service-status-indicator 
improved service status display
 2019-08-08 20:55:04 +02:00
glaszig
993dc633a9 load wifi stations via ajax, cache the scan result 
until the "rescan" button is pressed. speeds up
"configure client" page massively.
 2019-08-08 03:44:28 +02:00
Bill Zimmerman
7dd80f6098
Merge pull request #370 from glaszig/fix/csrf 
fix csrf verification
 2019-08-08 00:23:58 +02:00
glaszig
56097d5629 send proper csrf header 2019-08-08 00:14:12 +02:00
glaszig
1fddad190f fix require paths 2019-08-07 23:51:22 +02:00
glaszig
c1da509053 remove superfluous, overly nested html (mainly bootstrap panels) 2019-08-07 23:16:56 +02:00
sunnybank101
62c7e99465 arp can take for ever 
added -n to the arp command to speed it up!
 2019-08-07 22:48:59 +02:00
billz
b5f875cce7 Updated CSRFTokenFieldTag 2019-08-07 21:01:05 +01:00
Bill Zimmerman
f6f85d1c11
Merge pull request #356 from glaszig/security/always-verify-csrf-token 
always verify csrf token for resource-modifying requests
 2019-08-07 21:53:39 +02:00
billz
e4757a06ae Minor: use install_log for raspap.service 2019-08-07 09:28:20 +01:00
billz
10e0aaf1ab Update .gitignore 2019-08-06 23:01:15 +01:00
Bill Zimmerman
d4d6dbd79b
Merge pull request #360 from glaszig/installer/cp-instead-of-mv 
installation: do not move files out of git tree
 2019-08-06 22:45:01 +02:00
glaszig
47cc1bdc33 cleaner jquery ready callback 2019-08-06 22:42:50 +02:00
glaszig
752e8ccf66 improve global ajax event handling 2019-08-06 22:41:29 +02:00
glaszig
c70433585a move all other favicon-types into dist/icons folder, 
point to icons via link and meta tags,
leave favicon.ico in root old browsers,
added custom jekyll layout file to use the icons
for the project website as well.

https://help.github.com/en/articles/customizing-css-and-html-in-your-jekyll-theme
https://github.com/pages-themes/minimal/blob/master/_layouts/default.html
https://stackoverflow.com/a/48969053
 2019-08-06 22:24:13 +02:00
glaszig
2104ccb91a favicons and sorts can stay in subdirectories 
and be pointed to by proper meta tags.
do not copy these around during installation and poison the git tree.
 2019-08-06 21:36:52 +02:00
glaszig
748348f407 during installation copy files from the git working tree 
to their destinations instead of moving them and making
git think they got deleted
 2019-08-06 21:36:52 +02:00
glaszig
da69d3d768 send CSRF token in a response header, 
update the page's CSRF tokens with the new token
from the response header,
verify csrf token in ajax endpoints,
initialize a session for every endpoint
 2019-08-06 21:34:58 +02:00
glaszig
8f3489cd4a remove id attribute from csrf token field due to obsolescence 
and if there's multiple form's on the page it would lead to
multiple elements with the same id which is illegal in html
 2019-08-06 20:55:16 +02:00
glaszig
f36b08c10a rename CSRFToken() to the more apt CSRFTokenFieldTag() 2019-08-06 20:55:16 +02:00
glaszig
0a255e8b49 don't write the csrf token field to the output buffer 
but return and echo it
 2019-08-06 20:55:16 +02:00
glaszig
6f1ae104f3 improve CSRFToken() implementation 2019-08-06 20:55:16 +02:00
glaszig
2f6dc2cc05 remove superfluous semi-colon 2019-08-06 20:55:16 +02:00
glaszig
964dc00fab generate a new csrf token for each request 2019-08-06 20:55:16 +02:00
glaszig
7898dc24c8 mcrypt_create_iv is deprecated, openssl_random_pseudo_bytes 
depends on openssl. php7 has the platform-independent
`random_bytes` to generate "cryptographically secure"
random data. use that for csrf token.
 2019-08-06 20:55:16 +02:00
glaszig
490cb14acd removing superfluous call to CSRFToken() which 
just put the hidden input onto the page for js
to have access to it. this is now handled with
a meta tag.
 2019-08-06 20:55:16 +02:00
glaszig
b38dbb82ab do net send csrf tokens individually with post xhr 
since we set it in a `beforeSend` callback
 2019-08-06 20:55:16 +02:00
glaszig
b9e9b7fe39 move csrf token initialization into function 2019-08-06 20:55:16 +02:00
glaszig
d53517a34a removed useless line of code 2019-08-06 20:55:16 +02:00
glaszig
0967a53152 validate token value from csrf token header 
if supplied and not overridden by post request param
 2019-08-06 20:55:16 +02:00
glaszig
ce3ec131a6 add csrf token header to all resource-modifying xhr 2019-08-06 20:55:16 +02:00
glaszig
20bb9fe42f add csrf meta tag (for use with xhr, for example) 2019-08-06 20:55:16 +02:00
glaszig
87fe8948b8 remove splattered, duplicated csrf validation code 
since we do that always and early, now.
 2019-08-06 20:55:16 +02:00
glaszig
f989b8060b always verify csrf token for resource-modifying requests, 
that is post, put, patch, delete
 2019-08-06 20:55:16 +02:00
Bill Zimmerman
93b458197a
Merge pull request #365 from glaszig/feature/connect-hidden-ssid 
enable wifi client to connect to hidden ssid
 2019-08-05 16:04:29 +02:00
Bill Zimmerman
9b66c2cd03
Merge pull request #363 from glaszig/fix/hostapd-wmm 
properly enable wmm by fixing a typo
 2019-08-05 15:46:10 +02:00
billz
c0cfcfa117 Bugfix, resolves #367 2019-08-05 14:26:55 +01:00
glaszig
1152637120 puts service status as label into panel heading 2019-08-02 23:40:06 +02:00
Bill Zimmerman
02c3703392
Merge pull request #355 from glaszig/ui/escape-interface-settings 
show network interface settings pre block, properly escaped
 2019-08-02 18:25:27 +02:00
Bill Zimmerman
ff21343751
Merge branch 'master' into ui/escape-interface-settings 2019-08-02 18:18:19 +02:00
Bill Zimmerman
fe35742519
Merge pull request #361 from glaszig/feature/static-dhcp-hosts 
static dhcp leases
 2019-08-02 17:49:29 +02:00
glaszig
493269e061
enable wifi client to connect to hidden ssid 
according to the docs:
For finding networks using hidden SSID, scan_ssid=1 in the network block can be used with nl80211.

and

scan_ssid:
	0 = do not scan this SSID with specific Probe Request frames (default)
	1 = scan with SSID-specific Probe Request frames (this can be used to
	    find APs that do not accept broadcast SSID or use multiple SSIDs;
	    this will add latency to scanning, so enable this only when needed)

https://w1.fi/cgit/hostap/plain/wpa_supplicant/wpa_supplicant.conf

see billz/raspap-webgui#345
 2019-08-02 14:42:15 +02:00
Bill Zimmerman
2ded7be76b
Merge pull request #364 from glaszig/feature/improved-hostapd-hw-mode-select-labeling 
improved 802.11 mode dropdown
 2019-08-02 07:36:04 +02:00
glaszig
b52f290020 improved 802.11 standard select option labels in hostapd ui 2019-08-01 23:01:31 +02:00
glaszig
0e9ed7d833 make hostapd's max_num_sta configurable 2019-08-01 22:42:52 +02:00