tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-04-08 17:15:08 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,160 Commits 120 Branches 75 Tags
main
Commit Graph

14160 Commits

Author SHA1 Message Date
Silas
ff04a2ea43
Fix that CSV exports contain empty strings instead of zeros 2025-04-07 13:46:21 +02:00
Johannes Meyer
6c7f1e5466 Dashlet: Properly embed iframe urls 
fixes
2025-04-01 11:19:00 +02:00
Johannes Meyer
219b11789b
Release/v2.12.4 () v2.12.4 2025-03-26 16:42:31 +01:00
Johannes Meyer
41bbf6e35d Update CHANGELOG.md 2025-03-26 16:41:23 +01:00
Johannes Meyer
e98a776509 Raise version to 2.12.4 2025-03-26 16:41:23 +01:00
Johannes Meyer
1ddd04df50 DbUserBackend: Fix broken password hash fetch routine 
fixes
2025-03-26 16:40:48 +01:00
Johannes Meyer
15e74ebb0c
Release/v2.12.3 () v2.12.3 2025-03-26 10:39:37 +01:00
Johannes Meyer
53fa6d57e1 Raise ipl requirement 2025-03-26 10:35:11 +01:00
Johannes Meyer
c07a45096c Update CHANGELOG.md 2025-03-26 10:31:04 +01:00
Johannes Meyer
01fb35dd4a Raise version to 2.12.3 2025-03-26 10:31:04 +01:00
Johannes Meyer
ec40efe157 Only open trusted iframe sources by default 
Trusted in this case means, it was Icinga Web that
rendered a link and the user followed it. Whether
a source is trustworthy or not is detected by use
of the user's session id to hash it combined with
the source similar to how CSRF tokens are assembled.
 2025-03-26 10:25:31 +01:00
Johannes Meyer
aad020511f js: Only load URLs prefixed by the base URL 2025-03-26 10:25:05 +01:00
Johannes Meyer
484bd26d63 Window: Only accept valid window IDs 2025-03-26 10:24:17 +01:00
Johannes Meyer
2b08d88edf Url: Always compare host and port to identify external urls 2025-03-26 10:23:31 +01:00
Johannes Meyer
191444ccd9 Pdf: Ensure dompdf can create temporary files 
This is required since dompdf seems to automatically load
our custom font and complains otherwise.
 2025-03-25 13:59:18 +01:00
Johannes Meyer
1a1f96be49 php: Install the same vendor dependencies for all php versions 2025-03-25 13:51:59 +01:00
Sukhwinder Dhillon
f1fe2525bd tabs.less: Don't let icinga-loader element overlap the dropdown nav 2025-03-20 17:48:37 +01:00
Johannes Meyer
d56d10c712 monitoring: Use the (new) icon for the reporting section 
The same that the reporting module is using now
 2025-03-20 16:58:45 +01:00
Markus Opolka
6c8453062f Fix doc module markdown table rows in light mode 
- Replaced the gradient mixin with a simple color
  for odd rows. This fixes and markdown table rows
  in light mode and - since there are very gradients
  in general - it makes the overall look more uniform.

See https://github.com/Icinga/icingaweb2/issues/5320
 2025-03-20 16:39:13 +01:00
Johannes Meyer
db851bbe33 Don't mention Twitter anymore, it's gone now for good 2025-03-20 16:36:52 +01:00
Johannes Meyer
d86ede517f
Fix case sensitive authentication with postgres () 
fixes
2025-03-20 16:34:30 +01:00
Johannes Meyer
92dad17a2b DbUserGroupBackend: Match memberships case-insensitive on pgsql 2025-03-20 16:24:21 +01:00
Johannes Meyer
13c9a73842 DbUserBackend: Match usernames case-insensitive on pgsql 2025-03-20 16:24:21 +01:00
Johannes Meyer
acfad5ae52
Fix unescaped error messages () 
In both cases the input, which wasn't escaped before, comes from a form
element that doesn't allow any user to change its content. An ordinary
user would need to access the DOM in order to do that.

Both forms are protected by CSRF, so this mitigates any potential
exploit as well.
 2025-03-20 16:20:21 +01:00
Johannes Meyer
14c0748693 Escape resource identifier in monitoring backend form 2025-03-20 14:56:53 +01:00
Johannes Meyer
02dece2a35 Escape invalid module name in error messages 2025-03-20 14:56:53 +01:00
Sukhwinder Dhillon
c6c1e28350 RolesConfig: Add missing column name for quick search 2025-03-20 14:30:45 +01:00
Blerim Sheqa
79971cb1a6 Fix broken links 2025-01-14 11:14:02 +01:00
Johannes Meyer
ca2778eb46 form.js: Ignore buttons again when being asked to render content 
This slipped through, as I thought the CSS selector `:input`, which
was used previously, is invalid. Although, it's a jQuery specific
selector -.-, which was also previously used.

fixes
2024-11-28 16:57:19 +01:00
Yoda-BZH
4eadfd0ace
View: Consider letter a legacy icon name 2024-11-28 16:55:59 +01:00
Johannes Meyer
7f9217b052
Release/v2.12.2 () v2.12.2 2024-11-13 10:03:28 +01:00
Johannes Meyer
b403918cc1 Raise version to 2.12.2 2024-11-13 09:59:05 +01:00
Johannes Meyer
f70d820f3e Update AUTHORS and .mailmap 2024-11-13 09:59:05 +01:00
Johannes Meyer
311ba2eb6f Update CHANGELOG.md 2024-11-13 09:59:05 +01:00
Tobias Bauriedel
4baf630156
Add hint for comments in ini files () 
Adds a small hint about comments in .ini files.

---------

Co-authored-by: Johannes Meyer <johannes.meyer@icinga.com>
 2024-11-06 14:08:39 +01:00
Johannes Meyer
9f6450999d
Fix sort roles by name () 
fixes
2024-11-05 09:19:04 +01:00
Johannes Meyer
8551fffd4f roles: Fix default sort rule by name 2024-11-05 09:16:21 +01:00
Johannes Meyer
aba56d8ef1 RoleController: Clean up sort rules 
* Removes `permissions` from sort rules
* Adds `parent` to filter and sort rules
 2024-11-05 09:16:21 +01:00
Johannes Meyer
1612b78af6 RoleController: Remove todos, the issue is closed 2024-11-05 09:16:21 +01:00
Johannes Meyer
01bcf71e37 ArrayDatasource: Restore order by key column 
Broke with 384d9535a990c23fef3abc73657cb15931c2eba5
 2024-11-05 09:16:21 +01:00
Johannes Meyer
eea50d7d6b CustomVarTable: Let the user subgroups fully collapse 
resolves
2024-11-04 16:50:24 +01:00
Johannes Meyer
8f1eaf0c7b CustomVarRendererHook: Log an exception's message and location 
fixes
2024-11-04 16:23:52 +01:00
Johannes Meyer
eef276be93 js: Use a submit event's submitter property to identify the submit button 2024-11-04 16:07:10 +01:00
Florian Strohmaier
48dcb051d1 CSS: Set correct height for input[type=“datetime-local”] 2024-11-04 16:06:54 +01:00
Alexander Aleksandrovič Klimov
11251481dc ApplicationConfigForm: fix typo 
Fix a consecutive "to" in a form element description.
 2024-11-04 14:20:24 +01:00
Alexander Aleksandrovič Klimov
2221b27371 Don't rpm --import https://packages.icinga.com/icinga.key 
for the same security reasons we don't use apt-key add anymore for: https://blog.cloudflare.com/dont-use-apt-key

Our repos already reference https://packages.icinga.com/icinga.key and both RPM distro families properly handle that.
 2024-11-04 14:19:03 +01:00
Alexander Aleksandrovič Klimov
605b3568d2 .deb: let user install icinga-archive-keyring package 2024-11-04 14:02:35 +01:00
Johannes Meyer
e12574f328
navigation/dashboard.phtml: Use ipl-web's Icon for fa- icons () 
resolves
2024-11-04 10:29:27 +01:00
Johannes Meyer
e34c174db9 url.php: Add partial support for fontawesome 
Partial because the helper method is not the preferred way
anymore to create an icon. So I simplified the detection
to only check whether the given icon is a legacy one, as
those are smaller in number. Though, this leads to some fa
icons being identified as legacy, as the names equal. But,
it's the legacy helper after all... Anyone wanting to make
sure to get fontawesome icons, must add the `fa-` prefix.
 2024-11-04 10:26:06 +01:00
Johannes Meyer
526de93c89 navigation/dashboard.phtml: Use ipl-web's Icon for fa- icons 2024-11-04 10:26:06 +01:00