tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,694 Commits 116 Branches 71 Tags 80 MiB
Commit Graph

3692 Commits

Author SHA1 Message Date
Eric Lippmann dd9e8c8ba9 Revert "Merge pull request #3487 from Icinga/fix/web-bootstrap" 
This reverts commit b12b905076, reversing
changes made to c633c86db7.

refs #3500
 2018-07-18 15:29:55 +02:00
Eric Lippmann 121bd545d1
Merge pull request #3530 from Icinga/feature/enforce-a-named-identity-for-audit-logs 
AuditHook: Enforce a named identity and allow to pass a explicit time
 2018-07-18 15:27:45 +02:00
Johannes Meyer f28f7150fc AuditHook: Enforce a named identity and allow to pass a explicit time 2018-07-18 14:45:00 +02:00
Eric Lippmann 7d47875241 Introduce PdfexportHook 2018-07-18 14:22:18 +02:00
Eric Lippmann 67929064cc
Merge pull request #3526 from Icinga/fix/some-xss-vulnerabilities 
Fix some XSS vulnerabilities
 2018-07-16 09:58:23 +02:00
Eric Lippmann 11f1a287ab
Merge pull request #3519 from Icinga/fix/mysql-ssl-connection-error-brings-up-no-explanation-3249 
Pdo\Abstract: Properly handle incomplete error messages
 2018-07-16 09:56:26 +02:00
Johannes Meyer 84622bf27b Fix some XSS vulnerabilities 
Only a real issue with <= IE9 as other browsers properly escape
urls prior transmission.

Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
 2018-07-16 09:53:30 +02:00
Johannes Meyer bf5c6a56b3 Revert "Fix some XSS vulnerabilities" 
Accidentally pushed. Should re-enter with #3521.
 2018-07-11 16:37:39 +02:00
Johannes Meyer b97933a146 Fix some XSS vulnerabilities 
Only a real issue with <= IE9 as other browsers properly escape
urls prior transmission.
 2018-07-11 13:10:57 +02:00
Johannes Meyer 44bfdd3986 Pdo\Abstract: Properly handle incomplete error messages 
fixes #3249
 2018-07-10 14:54:28 +02:00
Eric Lippmann 6cddd6beed
Merge pull request #3508 from Icinga/fix/filter-entries-are-deleted-when-pushing-enter-3454 
FilterEditor: Add a hidden submit button to the start of the form's m…
 2018-07-10 09:28:35 +02:00
Eric Lippmann b88c6b0a6e
Merge pull request #3516 from Icinga/feature/application-state-hook 
Application state hook
 2018-07-10 09:14:26 +02:00
Eric Lippmann 47405127d0 Add config to hide/show pplication state messages 
refs #2835
 2018-07-09 16:28:28 +02:00
Eric Lippmann d18d05ccee Introduce ApplicationStateHook 
refs #2835
 2018-07-09 16:28:25 +02:00
Eric Lippmann 303637df3c
Merge pull request #3452 from Icinga/feature/drop-php-lt-56-support 
Drop support for PHP < 5.6
 2018-07-09 09:18:18 +02:00
Johannes Meyer 6e6251604b FilterEditor: Add a hidden submit button to the start of the form's markup 
When pushing enter our JS mimics what a browser would do. And that is
pushing the first submit button found in the form. Without this, that's
a delete button of the first logical junction. (the root condition)

fixes #3454
 2018-07-06 10:41:49 +02:00
Eric Lippmann 189b519135
Merge pull request #3486 from Icinga/fix/request-parses-json-without-respecting-content-type-3484 
Fix that Request parses json without respecting content type
 2018-07-05 13:19:27 +02:00
Johannes Meyer 1f677e64f6 ActionController: Force HTTP redirects in method redirectHttp() 
That's what its name implies, right? The counterpart is redirectXhr(),
which does still its job. redirectNow() on the other hand is for the
lazy people.
 2018-07-04 14:44:03 +02:00
Johannes Meyer 8cbff87af1 Request: Parse the POST body only as JSON if it's really JSON 
refs #3484
 2018-07-04 11:09:11 +02:00
Johannes Meyer 842e5603a1 Request: Introduce method extractMediaType 
refs #3484
 2018-07-04 11:09:11 +02:00
Eric Lippmann 8990d6f46e Drop support for PHP < 5.6 2018-07-03 13:11:36 +02:00
Eric Lippmann d6c4df7a5d Use password_hash and password_verify 2018-07-03 13:08:06 +02:00
Eric Lippmann faaff42096 Revert "Introduce PasswordHelper for safer passwords" 
This reverts commit f57277aa96.

Since we're dropping PHP support for versions lower than 5.6 this class is no longer necessary.
 2018-07-03 13:08:06 +02:00
Eric Lippmann 966148e8f0
Merge pull request #3463 from kobmaki/feature/Allow-to-interface-with-sqlite-databases-3381 
Support SQLite resources
 2018-06-28 11:42:00 +02:00
Eric Lippmann 0433dc4166 Bootstrap modules at last 
We initialize modules before we set up the user backend and other
singletons. But modules may access those in order to check the
permissions of the authenticated user for example. With this fix,
modules are loaded once all other bootstrap tasks have been completed.

refs #3470
 2018-06-27 09:52:00 +02:00
Uwe Ebel 4b5cf47cce Introduce SQLite resource type 
refs #3381

Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
 2018-06-27 09:40:22 +02:00
Eric Lippmann c633c86db7
Merge pull request #3480 from Icinga/fix/revert-persistent-db-connections 
No longer support persistent database connections
 2018-06-27 09:36:37 +02:00
Eric Lippmann fdd791974d Update Parsedown 2018-06-25 16:07:47 +02:00
Eric Lippmann 66132c330a Update JShrink 2018-06-25 16:05:36 +02:00
Eric Lippmann 46907735fe Update HTMLPurifier 2018-06-25 16:04:10 +02:00
Eric Lippmann e55ac3e4a2 Update dompdf deps 2018-06-25 16:01:06 +02:00
Eric Lippmann 4d42c043e4 Remove traces of persistent db connections 2018-06-22 15:36:46 +02:00
Eric Lippmann af35794006 Revert "lib/db: Allow to configure persistent connections" 
This reverts commit 4763b6b20a.
 2018-06-22 14:43:32 +02:00
Eric Lippmann 6f1d8668a0 Fix line exceeds 120 characters 2018-06-22 11:04:48 +02:00
Alexander A. Klimov ee60a8df99 Don't let AutoRefreshForm handle API requests 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov 235e75d054 Form: handle API requests as expected 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov 880a0a254f DateTimePicker: support *nix timestamps 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov a444b8adf5 Request: support JSON as POST data format 
refs #2749
 2018-06-22 11:03:07 +02:00
Alexander A. Klimov 73473a3bb9 Fix tests 
refs #2635
 2018-06-22 09:57:10 +02:00
Alexander A. Klimov 906c1668a4 Split Json::encode() into Json::encode() and Json::sanitize() 
refs #2635
 2018-06-21 16:01:53 +02:00
Alexander A. Klimov 02b60633ff Auto-sanitize only in the monitoring module 
refs #2635
 2018-06-20 18:05:12 +02:00
Alexander A. Klimov 1a94a21263 Prefer Json::encode() over json_encode() 
refs #2635
 2018-06-20 18:05:11 +02:00
Alexander A. Klimov 9219cea776 Json::encode(): auto-sanitize bad UTF-8 strings 
refs #2635
 2018-06-20 18:05:11 +02:00
Johannes Meyer 3f66bd7437 Auth: Log login/logout activities to the audit log 
refs #2563
 2018-06-08 14:21:15 +02:00
Johannes Meyer 9da9f1237d Introduce class Icinga\Application\Hook\AuditHook 
refs #2584
 2018-06-08 14:21:15 +02:00
Eric Lippmann 96303f53f8
Merge pull request #3213 from Icinga/feature/drop-php-5-3-support 
Drop PHP 5.3 support
 2018-05-08 03:03:36 -04:00
Eric Lippmann 4bea67e756
Merge pull request #3315 from Icinga/bugfix/php-7-2-support-3185 
Don't call session_start() after ini_set()
 2018-05-07 05:44:52 -04:00
Alexander A. Klimov fc1f6e13ab Drop PHP 5.3 support 2018-05-07 11:36:54 +02:00
Eric Lippmann 60295f3407
Merge pull request #3443 from Icinga/fix/search-over-customvars-results-in-sql-error-2508 
Fix search over customvars results in sql error 2508
 2018-05-07 04:18:22 -04:00
Johannes Meyer cbc77cb7b2 Web: Implement method getMenu() using Icinga\Web\Menu and deprecate it 
refs #2338
 2018-04-30 10:30:58 +02:00