264 Commits

Author SHA1 Message Date
Johannes Meyer
e5f6fc276a ActionController: Always reload window when redirecting to the login
This ensures that, if CSP is enabled, the newly created token on the
login is accepted by the browser. A small, but IMHO desired, side
effect is that the login now always appears in the default theme.

fixes #5126
2023-09-28 10:35:18 +02:00
Yonas Habteab
ab96f66e72 Add never return type to redirect methods 2023-09-07 15:33:39 +02:00
Sukhwinder Dhillon
f283c81ed2 ActionController: Always read icingaweb config for csp
Method `$this->Config()` returns config based on the current module.
2023-08-30 10:04:46 +02:00
Johannes Meyer
e3ebe109eb Enable strict CSP if configured 2023-08-28 12:42:32 +02:00
Sukhwinder Dhillon
eeff32d4ce AuthBackendController: Fix Variable '$backend' is probably undefined 2023-08-23 10:53:14 +02:00
raviks789
22c790ea48 ActionController: Avoid void return in __call() magic method 2023-08-23 10:53:13 +02:00
raviks789
6b0244f247 ActionController: Declare property $view 2023-08-23 10:53:13 +02:00
Johannes Meyer
0b9eecbabc ActionController: Don't override reload rules in redirectXhr()
`postDispatchXhr()` also only overrides them if enabled.
2022-05-11 14:26:09 +02:00
Johannes Meyer
bc6b17b850 Revert "ActionController: Don't override X-Icinga-Title when it's already set"
This reverts commit 4cff1feb8fe2231df6568e9d1d711540984c80fe.

It's broken and obsolete since https://github.com/Icinga/ipl-web/pull/72.
2022-04-12 14:56:28 +02:00
Yonas Habteab
4cff1feb8f ActionController: Don't override X-Icinga-Title when it's already set 2022-04-11 13:26:08 +02:00
Johannes Meyer
0d032989e6 Fix style issues in recent security fixes 2022-03-08 15:20:16 +01:00
Johannes Meyer
b7c31eb922
Merge pull request from GHSA-5p3f-rh28-8frw
Only serve existing static library assets, really!?
2022-03-08 12:01:34 +01:00
Johannes Meyer
b50d68553f ActionController: Utilize Icinga\Common\PdfExport 2022-03-01 17:00:58 +01:00
Johannes Meyer
379ddb91f0 Only serve existing static library assets, really!? 2022-02-23 17:18:16 +01:00
Johannes Meyer
2e5abbc832 Use ipl-i18n's Translation trait where applicable 2021-05-28 14:03:36 +02:00
Johannes Meyer
a4a658974d AuthBackendController: Inherit from ipl\Web\Compat\CompatController 2021-04-07 14:30:14 +02:00
Johannes Meyer
accbd9d847 ApplicationStateController: Initialize $autorefreshInterval
Instead of defining it with the setter. This prevents the
user's preferences from having an effect on this route.
2021-01-15 15:08:48 +01:00
Johannes Meyer
f1dd69d877 ActionController: Set autorefresh interval on view as late as possible
This allows to initialize property `$autorefreshInterval` and have it
take an effect on non-XHR requests.
2021-01-15 15:08:48 +01:00
Johannes Meyer
765557af69 ActionController: Drop new param in method setAutorefreshInterval() 2021-01-15 15:08:48 +01:00
Alexander A. Klimov
81b19285a7 Make auto refresh interval configurable
refs #2819
2020-11-26 11:38:02 +01:00
Johannes Meyer
ed7763c379 Introduce class Icinga\Web\Controller\StaticController 2020-11-18 13:20:09 +01:00
Johannes Meyer
62dd0b3f1e ActionController: Fix that view variable compact is undefined
refs #4164
2020-06-08 09:26:36 +02:00
Johannes Meyer
6cf9f19048 ActionController: Shift parameter view if its value is compact 2020-06-04 08:50:41 +02:00
Johannes Meyer
69d15824fb
Merge pull request #4048 from Icinga/fix/server-side-window-handling
Fix server side window handling
2020-01-16 08:57:11 +01:00
Johannes Meyer
9fe43dda5f ActionController: Drop method handlerBrowserWindows() 2020-01-14 10:14:02 +01:00
Johannes Meyer
855bb8ae72 Properly handle window id's and container id's 2020-01-14 10:14:02 +01:00
Johannes Meyer
5a58279995 ActionController: Don't render exceptions as PDF 2020-01-10 14:11:52 +01:00
Johannes Meyer
5943e6bde9 Pdf: Restore previous state after rendering content
In case an exception occurs its output was previously merged
with the rendered content or even PDF..
2020-01-10 14:11:40 +01:00
Johannes Meyer
3edda43bca ActionController: Utilize view variable $defaultTitle instead of the constant
Allows controllers to also customize the default title with translated contents.

refs #3851
2019-07-15 08:24:44 +02:00
Johannes Meyer
1f677e64f6 ActionController: Force HTTP redirects in method redirectHttp()
That's what its name implies, right? The counterpart is redirectXhr(),
which still does its job. redirectNow() on the other hand is for the
lazy people.
2018-07-04 14:44:03 +02:00
Alexander A. Klimov
ee60a8df99 Don't let AutoRefreshForm handle API requests
refs #2749
2018-06-22 11:03:07 +02:00
Johannes Meyer
b93dc06f5b ActionController: Let the response itself set its headers
The only header that is now set by the ActionController is X-Icinga-Title,
all others are delegated to Icinga\Web\Response.
2017-07-13 12:56:03 +02:00
Johannes Meyer
0d52bb421f ActionController: Don't re-enable the layout when just setting XHR layout
In case someone doesn't want the layout, we should not force it, especially
not for XHR requests.
2017-07-12 16:54:52 +02:00
Johannes Meyer
f6166b3ab6 ActionController: Allow to control which inline view script to use
This also affects that rerendering the layout does only have any effect
in case of XHR requests and is not overwritten anymore in this case.
Since this property was previously private, this should not break anything.
2017-06-28 11:14:01 +02:00
Johannes Meyer
22223acf1d Controllers: Make all private properties protected
Controllers are neither library stuff nor any vital part that needs to be
protected from too adventurous module developers.
2017-06-28 09:51:28 +02:00
Johannes Meyer
8ee6e763a6 ActionController: Ensure to utilize the response to redirect and exit 2017-06-19 09:11:12 +02:00
Johannes Meyer
df04c0f837 ActionController: Introduce constant DEFAULT_TITLE
Controllers are now allowed to fully customize the page title.
2017-06-09 11:13:37 +02:00
Johannes Meyer
8a890a4a82 ActionController: Allow controllers to customize the login route 2017-05-19 08:39:11 +02:00
Johannes Meyer
181e2ef05c Swag: Fix swag (aka a whole bunch of code style issues..) 2017-01-27 14:48:59 +01:00
Michael Friedrich
08a82daea3 Update to icinga.com
refs #2687
2017-01-18 12:04:43 +01:00
Eric Lippmann
2b060d9bd4 Challenge API requests only if the controller requires auth
fixes #12580
2016-11-07 10:40:38 +01:00
Eric Lippmann
c83659eff7 Sometimes you just herp the derp so hard it herpderps 2016-09-29 16:19:41 +02:00
Alexander A. Klimov
c8b1693fdc Fix Controller::assertPermission() allowing everything for unauthenticated requests
fixes #12108
2016-09-12 08:18:36 +02:00
Eric Lippmann
7cef06f981 Disable benchmark only if the layout is disabled
Benchmark should be disabled if the response is not HTML. This is most likely the case when the layout is disabled.
If Web 2 or Zend sends JSON for example, the layout is disabled.

The following code inside an action disables the layout (and view):
$this->_helper->layout()->disableLayout();

The following code inside an action disables the action's view script:
$this->_helper->viewRenderer->setNoRender(true);

Note that an action's view script is also disabled via setNoRender() when rendering another view script via
render() or renderScript().

Another approach is to check the content-type. If explicitly set to not HTML, disable benchmark:

$renderBenchmark = true;
$response = $this->getResponse();
$headers = $response->getHeaders();
foreach ($headers as $header) {
    if (strtolower($header['name']) === 'content-type'
        && stristr($header['value'], 'text/html') === false
    ) {
        $renderBenchmark = false;
        break;
    }
}
if ($renderBenchmark) {
    $layout->benchmark = $this->renderBenchmark();
}

Maybe we should also provide an action method for disabling benchmark, regardless of the user's setting.

refs #10856
2016-02-27 20:14:02 +01:00
Alexander A. Klimov
474803fee4 Change all license headers to only reflect a file's year of creation
refs #11000
2016-02-08 15:41:00 +01:00
Eric Lippmann
7fd575080e PHP7: Rename String to StringHelper
refs #10251
2016-01-27 16:46:55 +01:00
Eric Lippmann
0cc54ce34b Refresh session every 10 minutes
Quick and dirty fix.

fixes #10229
2015-11-16 14:19:33 +01:00
Johannes Meyer
53f29131af ActionController: Use a controller's inner layout script instead of "body"
"body" is still the default inner layout script.
2015-10-02 10:18:37 +02:00
Eric Lippmann
0f8c28d749 Merge branch 'master' into feature/api-9606 2015-09-07 11:33:44 +02:00
Eric Lippmann
4fb6856caf Fix exception when navigating to the preferences after namespacing all controllers 2015-08-31 10:19:30 +02:00