2100 Commits

Author SHA1 Message Date
raviks789
4e8107c231 RoleForm: Replace static inline styles with css class
The static inline style for restriction text element is replaced with css class `role-restriction-text`
to avoid Content-Security-Policy violations.
2023-08-28 16:40:37 +02:00
raviks789
afd2a65df6 Add nonce attribute to <style> elements
`nonce` attribute needs to be set on the style elements to avoid CSP violations.
2023-08-28 16:40:37 +02:00
raviks789
da1bf7048d Remove inline scripts
Remove inline scripts present in `layout.phtml` and `logout.phtml` to prevent CSP violation.
2023-08-28 16:40:37 +02:00
raviks789
459f4198c3 Replace static inline styles with css class
The static inline styles are replaced with css class to avoid Content-Security-Policy violations.
2023-08-28 16:30:12 +02:00
Yonas Habteab
3b7f054534 Initiate full page reload upon CSP config change 2023-08-28 12:42:32 +02:00
Eric Lippmann
0bac6cfe07 Config: Add setting to enable strict CSP 2023-08-24 16:02:06 +02:00
Yonas Habteab
55b4a5eb63 StaticController: Pass only strings to str_pad as first argument 2023-08-23 10:53:15 +02:00
raviks789
6353f79528 VersionCommand: Avoid using deprecated ${} string interpolation 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
ee9d139a3a PhpDoc: Fix incorrect @param and @return type hints 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
01b93024f6 CreateTicketLinks: Variable $ticket is always set, but can be empty 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
4d3765b22f PreferenceForm: Fix Variable '$disabled' is probably undefined
- Remove obsolete `value` attribute
2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
143347634f NavigationConfigForm: Fix Variable '$classPath' is probably undefined 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
c501e3e2e1 AddMemberForm: Fix Variable '$userName' is probably undefined 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
0198054943 CreateMembershipForm: Fix Variable '$groupName' is probably undefined 2023-08-23 10:53:14 +02:00
raviks789
0476046ce6 AuthenticationController: Use correct name case for method AesCrypt::getIV() 2023-08-23 10:53:14 +02:00
raviks789
89630bf0de ResourceConfigForm: Import class Zend_Form_Element
Class `Zend_Form_Element` is the return type of the method `getForceCreationCheckBox()`. Hence the class should be imported.
2023-08-23 10:53:14 +02:00
raviks789
2eb3b6c405 ResourceConfigForm: Fix return type for edit() and remove() methods 2023-08-23 10:53:14 +02:00
raviks789
eff262cafd PreferenceForm: Use correct number of arguments for method Preferences::get() 2023-08-23 10:53:14 +02:00
Johannes Meyer
c40cfb41a8 RoleForm: Force a suffix for all element names
fixes #4973
2023-06-22 15:04:19 +02:00
Alexander A. Klimov
3784fe80b7 LoggingConfigForm: on Docker default to webserver log 2023-01-24 11:23:34 +01:00
Johannes Meyer
e542982de0 Fix some reflected XSS bugs
fixes #4979
2023-01-12 09:55:57 +01:00
Johannes Meyer
965aac11ef RoleController: Always perform a permission check 2022-12-07 11:56:17 +01:00
Johannes Meyer
ec7fb82a94 login: Don't redirect to external resources
fixes #4945
2022-12-07 11:54:45 +01:00
Alexander A. Klimov
a3100d378b SshResourceForm: fix XSS by escaping user-defined resource name
in the tooltip of the message shown instead of the private key.
2022-12-01 11:35:11 +01:00
Johannes Meyer
4d0e42787a ConfigForm: Remove empty sections
fixes #4939
2022-11-02 16:07:53 +01:00
Johannes Meyer
5059a782a8 RoleForm: Use the <details> tag 2022-10-10 10:42:45 +02:00
Dirk Goetz
d5d714b1ee Fix gravatar: set content-type header and size
Fixes #2254
2022-06-15 09:03:12 +02:00
Johannes Meyer
d25854ebce Drop class Icinga\Web\Hook\TicketHook 2022-06-14 14:24:30 +02:00
Johannes Meyer
a29159a0a1 Remove remaining IE adjustments 2022-06-13 16:41:15 +02:00
Sukhwinder Dhillon
a38d5ccac6 Revert "Form: Process request parameter _frameUpload"
This reverts commit fc481e527bc021144205e9fea88397bdf5ce60bc.
2022-06-13 15:50:52 +02:00
Johannes Meyer
e050ea53ee RoleController: Include domain of a domain-aware backend..
..when suggesting user names of it
2022-06-13 15:09:42 +02:00
Sukhwinder Dhillon
09d378ab65 ApplicationConfigForm: Remove loop and simplify the code 2022-05-27 14:02:11 +02:00
Sukhwinder Dhillon
a250202fa3 ApplicationConfigForm: Remove not required Form elements 2022-05-27 14:02:11 +02:00
Sukhwinder Dhillon
aad2419545 Remove obsolete config_backend option and not required code
The user preferences backend is now always a `db`.
2022-05-27 14:02:11 +02:00
Sukhwinder Dhillon
8ff1a22df7 Set preferences store type to Db and make it non-configurable 2022-05-27 13:55:48 +02:00
Johannes Meyer
74022ae4e0 Merge pull request #4697 from Icinga/feature/redesigned-user-menu-new
Feature/redesigned user menu
2022-05-16 09:04:26 +02:00
Florian Strohmaier
c536ddb5d8 menu.phtml: Use ConfigMenu 2022-05-12 11:10:59 +02:00
Sukhwinder Dhillon
67285ce262 Update dompdf to v1.2.1 (#4759) 2022-05-06 09:37:48 +02:00
Johannes Meyer
dcb83d9ab5 PreferenceForm: Always enable mode selection if user theme is compatible
fixes #4744
2022-04-11 13:28:36 +02:00
Johannes Meyer
1422f50fad RoleForm: Don't pass null to preg_match 2022-03-29 16:35:23 +02:00
moreamazingnick
ba677de0c6 Fix missing global theme check refs #4723 (#4724) 2022-03-29 16:34:35 +02:00
Johannes Meyer
d63f645bd8 Update requirements for PHP 8.1 2022-03-24 15:46:26 +01:00
Johannes Meyer
3dc384fb58 Avoid passing null to non-nullable arguments 2022-03-24 12:29:06 +01:00
Johannes Meyer
01f67a78c6 Increase required version of the icinga-php-library 2022-03-23 11:49:06 +01:00
Johannes Meyer
05a18dcdb5 Adjust calls to CompatController::setTitle()
refs https://github.com/Icinga/ipl-web/pull/72
2022-03-16 16:35:59 +01:00
Johannes Meyer
0d032989e6 Fix style issues in recent security fixes 2022-03-08 15:20:16 +01:00
Johannes Meyer
067ec0f6de Merge pull request from GHSA-v9mv-h52f-7g63
Fix/ghsa-v9mv-h52f-7g63
2022-03-08 12:02:40 +01:00
Johannes Meyer
85c42f8400 Enhance page layout when exporting to PDF using dompdf
It's still not perfect. But better than previously.
Using the pdfexport module is still recommended though.
2022-03-01 17:04:38 +01:00
Johannes Meyer
3c48d693ff about: Fix documentation link and use a version dependent one 2022-02-25 12:27:08 +01:00
Florian Strohmaier
c1d0c132f3 about/index: Adjust markup
refs #4328
2022-02-25 11:06:22 +01:00