4e6b936862
helpers/url: Properly escape image urls
2018-10-10 09:44:11 +02:00
7d47875241
Introduce PdfexportHook
2018-07-18 14:22:18 +02:00
84622bf27b
Fix some XSS vulnerabilities
...
Only a real issue with <= IE9 as other browsers properly escape
urls prior transmission.
Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
2018-07-16 09:53:30 +02:00
6cddd6beed
Merge pull request #3508 from Icinga/fix/filter-entries-are-deleted-when-pushing-enter-3454
...
FilterEditor: Add a hidden submit button to the start of the form's m…
2018-07-10 09:28:35 +02:00
47405127d0
Add config to hide/show pplication state messages
...
refs #2835
2018-07-09 16:28:28 +02:00
d18d05ccee
Introduce ApplicationStateHook
...
refs #2835
2018-07-09 16:28:25 +02:00
6e6251604b
FilterEditor: Add a hidden submit button to the start of the form's markup
...
When pushing enter our JS mimics what a browser would do. And that is
pushing the first submit button found in the form. Without this, that's
a delete button of the first logical junction. (the root condition)
fixes #3454
2018-07-06 10:41:49 +02:00
189b519135
Merge pull request #3486 from Icinga/fix/request-parses-json-without-respecting-content-type-3484
...
Fix that Request parses json without respecting content type
2018-07-05 13:19:27 +02:00
1f677e64f6
ActionController: Force HTTP redirects in method redirectHttp()
...
That's what its name implies, right? The counterpart is redirectXhr(),
which does still its job. redirectNow() on the other hand is for the
lazy people.
2018-07-04 14:44:03 +02:00
8cbff87af1
Request: Parse the POST body only as JSON if it's really JSON
...
refs #3484
2018-07-04 11:09:11 +02:00
842e5603a1
Request: Introduce method extractMediaType
...
refs #3484
2018-07-04 11:09:11 +02:00
6f1d8668a0
Fix line exceeds 120 characters
2018-06-22 11:04:48 +02:00
ee60a8df99
Don't let AutoRefreshForm handle API requests
...
refs #2749
2018-06-22 11:03:07 +02:00
235e75d054
Form: handle API requests as expected
...
refs #2749
2018-06-22 11:03:07 +02:00
880a0a254f
DateTimePicker: support *nix timestamps
...
refs #2749
2018-06-22 11:03:07 +02:00
a444b8adf5
Request: support JSON as POST data format
...
refs #2749
2018-06-22 11:03:07 +02:00
906c1668a4
Split Json::encode() into Json::encode() and Json::sanitize()
...
refs #2635
2018-06-21 16:01:53 +02:00
02b60633ff
Auto-sanitize only in the monitoring module
...
refs #2635
2018-06-20 18:05:12 +02:00
1a94a21263
Prefer Json::encode() over json_encode()
...
refs #2635
2018-06-20 18:05:11 +02:00
96303f53f8
Merge pull request #3213 from Icinga/feature/drop-php-5-3-support
...
Drop PHP 5.3 support
2018-05-08 03:03:36 -04:00
4bea67e756
Merge pull request #3315 from Icinga/bugfix/php-7-2-support-3185
...
Don't call session_start() after ini_set()
2018-05-07 05:44:52 -04:00
fc1f6e13ab
Drop PHP 5.3 support
2018-05-07 11:36:54 +02:00
71cb682832
Re-introduce class Icinga\Web\Menu
...
refs #2338
2018-04-30 10:24:57 +02:00
1b15048636
Drop obsolete Icinga\Web\Menu classes
...
refs #2338
2018-04-27 14:28:20 +02:00
571b34c8cd
Drop obsolete class Icinga\Web\Menu\BadgeMenuItemRenderer
...
refs #2338
2018-04-27 14:11:03 +02:00
059088c089
Drop obsolete class Icinga\Web\Menu\SummaryMenuItemRenderer
...
refs #2338
2018-04-27 14:10:35 +02:00
d71982e333
Drop obsolete class Icinga\Web\Menu\PermittedMenuItemFilter
...
refs #2338
2018-04-27 14:10:00 +02:00
1c4ebda037
Drop obsolete class Icinga\Web\MenuRenderer
...
refs #2338
2018-04-27 14:04:49 +02:00
1280137eae
Merge branch 'bugfix/form-number-inclusive-range'
2018-04-12 14:32:38 +02:00
5cf51a70c8
Numeric input: validate inclusive ranges
2018-04-12 14:25:10 +02:00
5f24fffe7d
Merge pull request #3412 from Icinga/bugfix/filter-editor-expand-upon-auto-refresh-2964
...
Preserve collapsed FilterEditor subtrees across auto-refreshes
2018-04-06 14:55:19 +02:00
41b105136d
Preserve collapsed FilterEditor subtrees across auto-refreshes
...
refs #2964
2018-04-06 13:54:51 +02:00
72f0e809ae
Pane: Add setter for $name
...
refs #2901
2018-04-06 11:08:20 +02:00
b5dde96746
FilterEditor: save changes on element addition
...
refs #2900
2018-04-04 12:20:52 +02:00
dadd2c80f6
Don't call session_start() after ini_set()
...
refs #3185
2018-01-24 17:38:20 +01:00
72ec132f25
Correct interfaces to conform to PHP 7.2+
2018-01-24 11:50:10 +01:00
e59fa13786
Announcements: Render HTML in announcment messages
...
refs #2641
2018-01-19 16:12:53 +01:00
3b9d8697ed
Introduce class Icinga\Web\Helper\HtmlPurifier
...
refs #2641
2018-01-19 16:12:53 +01:00
362a5b1721
Merge pull request #3271 from Icinga/bugfix/fix-internalurlvalidator
...
InternalUrlValidator: prevent circumvention by URLs on the same VHost
2018-01-18 09:58:32 +01:00
5f441f3ad1
Don't fail to render the whole dashboard in case of a broken dashlet
2018-01-17 13:48:14 +01:00
c2f74d49cb
InternalUrlValidator: prevent circumvention by URLs on the same VHost
2018-01-16 15:40:08 +01:00
705f3a49d9
Merge pull request #3180 from Icinga/feature/url-static-self
...
Url: prefer static over self
2018-01-16 10:52:25 +01:00
a1709a0670
Fix unneccessary log message
...
refs #3189
2017-12-19 15:58:25 +01:00
788272fad7
PhpSession: conform to PHP 7.1
...
refs #3208
2017-12-13 13:38:51 +01:00
810c02a41f
Url: prefer static over self
2017-12-04 10:48:52 +01:00
6409bdc074
Implement persistent "Show more" spoilers
2017-11-27 14:18:42 +01:00
b6b87796ed
Menu: Link to the navigation dashboard if menu entry has children but no URL
2017-11-21 22:55:45 +01:00
e7ca817e81
Make Navigation::findItem() public
...
We need this method public for the navigation dashbaord.
2017-11-21 22:55:45 +01:00
21dbe4ec47
Only render icons of root navigation items
...
The upcoming navigation dashboard creates its links from the menu items in configuration.php.
Now, we encourage users to specify icons for second-level menu items but do not want render them in our menu.
2017-11-21 22:55:45 +01:00
3660606ca1
Allow to set a description for navigation items
...
We will introduce a navigation dashboard for root menu items which do not a have a URL but children.
2017-11-21 22:55:45 +01:00
df1e7683c8
Merge pull request #3041 from Icinga/feature/auto-detaching-dom-elements-3039
...
Implement auto-detaching DOM elements
2017-11-21 16:48:59 +01:00
2493cb8d63
Fix incorrect uses of translation around sprintf
2017-11-21 15:47:46 +01:00
c7ffb41b02
Implement togglable flyover
...
refs #3024
2017-11-21 14:05:12 +01:00
b000c1ae4a
Implement auto-detaching DOM elements
...
refs #3039
2017-11-21 13:17:55 +01:00
71fe12393d
Persist X-Icinga-WindowId across auto-refreshes
2017-11-21 11:30:36 +01:00
bdcb6389d8
Add user preference for default number of items per page
...
refs #2859
Signed-off-by: Eric Lippmann <eric.lippmann@icinga.com>
2017-11-15 16:56:43 +01:00
73a6750489
Make phpcs and PhpStorm happy w/ intentional switch, case fall-throughs
...
Unfortunately, PhpStorm does not regonise PSR2 fall-through comments.
On the other hand, phpcs does not support the @noinspection phpdoc comment (/**).
The fix is a mix of PSR2 comments and @noinspection tags in code comments.
2017-11-08 10:25:28 +01:00
c3ef50978a
style: Fix minor styleguide issues for PHPCS
2017-11-08 10:06:45 +01:00
1f5f610b04
Add newlines to AnnouncementIniRepository.php
2017-11-07 14:48:46 +01:00
5ec14bdb9d
Remove inheritdoc tags in AnnouncementIniRepository.php
2017-11-07 12:50:30 +01:00
2e1bac81ff
Form: Create the form as part of method `setDefaults'
...
We don't care anymore about the BC in Zend version 1.12.7.
Hence we'll happily override setDefaults now. Yay!
refs #2998
2017-10-23 15:10:50 +02:00
d348d95e5e
Revert "Form: Don't prevent disabled elements from getting overwritten.."
...
This reverts commit eb343009bb#2998
2017-10-23 15:10:37 +02:00
c22efa4519
UrlValidator: translate error message
2017-10-20 14:27:33 +02:00
f70fc6e98d
Fix not working SomeType[string] in code docs
...
refs #2980
2017-09-29 12:08:14 +02:00
46014558e6
Merge pull request #2946 from Icinga/bugfix/enhance-code-autocompletion-in-ides-2945
...
Enhance code autocompletion in IDEs
2017-09-08 15:45:25 +02:00
ade0744701
Merge pull request #2923 from Icinga/bugfix/is-not-a-valid-number
...
Form/Element/Number: The field should be valid when empty
2017-09-08 15:32:48 +02:00
356e194612
Enhance code autocompletion in IDEs
...
refs #2945
2017-09-07 11:22:46 +02:00
beb3326631
StyleSheet/JavaScript: Also include Cache-Control when answering with a 304
...
Without Cache-Control, the browser may invalidate its cached file and we're
serving the file again on the next request.
refs #2917
2017-08-22 09:33:28 +02:00
6702ccb2a7
FileCache: Ignore compression suffix when checking cache made of multiple files
...
refs #2917
2017-08-22 09:31:56 +02:00
7b7bfb5a5d
FileCache: Use the correct variable when checking a file's modification time
...
refs #2917
2017-08-22 08:38:13 +02:00
1d06d4e3c4
Form/Element/Number: The field should be valid when empty
2017-08-17 13:20:51 +02:00
eb343009bb
Form: Don't prevent disabled elements from getting overwritten..
...
..if someone just utilizes populate() programatically.
refs #2509
2017-07-13 13:53:48 +02:00
ed5ba14df2
Form: Register form notifications as custom error messages for API requests
...
I'd have liked to fix how we transmit validation messages in such cases,
but for compatibilty reasons this has to suffice..
2017-07-13 13:00:24 +02:00
96c96df636
Form: Don't transmit duplicate error messages
...
Zend_Form::getMessages() already returns custom error messages,
if there are any
2017-07-13 12:59:23 +02:00
b93dc06f5b
ActionController: Let the repsonse itself set its headers
...
The only header that is now set by the ActionController is X-Icinga-Title,
all others are delegated to Icinga\Web\Response.
2017-07-13 12:56:03 +02:00
0d52bb421f
ActionController: Don't re-enable the layout when just setting XHR layout
...
In case someone doesn't want the layout, we should not force it, especially
not for XHR requests.
2017-07-12 16:54:52 +02:00
c0d82fa2cc
Rephrase autosumbit tooltips
...
fixes #1507
2017-07-04 13:59:02 +02:00
53091384cd
Remove unused attributes from the date time picker element
2017-07-04 10:32:30 +02:00
a5990d4de8
Add date and time form elements
2017-07-03 15:03:26 +02:00
f6166b3ab6
ActionController: Allow to control which inline view script to use
...
This also affects that rerendering the layout does only have any effect
in case of XHR requests and is not overwritten anymore in this case.
Since this property was previously private, this should not break anything.
2017-06-28 11:14:01 +02:00
22223acf1d
Controllers: Make all private properties protected
...
Controllers are neither library stuff nor any vital part that need to be
protected from too adventurous module developers.
2017-06-28 09:51:28 +02:00
8ee6e763a6
ActionController: Ensure to utilize the response to redirect and exit
2017-06-19 09:11:12 +02:00
df04c0f837
ActionController: Introduce constant DEFAULT_TITLE
...
Controllers are now allowed to fully customize the page title.
2017-06-09 11:13:37 +02:00
8a890a4a82
ActionController: Allow controllers to customize the login route
2017-05-19 08:39:11 +02:00
b0221c5e13
Form: Preserve default if element has attribute 'disabled'
...
fixes #2509
2017-02-14 10:18:56 +01:00
96f0a8c24e
FilterEditor: escape values correctly
...
refs #12330
2017-02-09 17:50:49 +01:00
181e2ef05c
Swag: Fix swag (aka a whole bunch of code style issues..)
2017-01-27 14:48:59 +01:00
08a82daea3
Update to icinga.com
...
refs #2687
2017-01-18 12:04:43 +01:00
0716f87852
Update german translation
2016-12-13 13:57:27 +01:00
a78ac6dfab
Hide announcements when they have expired
...
refs #11198
2016-12-13 11:04:56 +01:00
626afbd5ec
Merge branch 'bugfix/always-use-the-jquery-find-method-w/-node-context-10704'
...
fixes #10704
2016-12-08 17:15:02 +01:00
0e69ce4544
Remove obsolete class dropdown from the close-container-control
2016-12-08 16:55:33 +01:00
fed0fc9608
Merge branch 'feature/fold-and-unfold-filter-by-click-12634'
...
resolves #12634
2016-12-08 14:30:55 +01:00
5661dfa63c
Harden import of vendor JavaSript libs
...
fixes #12328
2016-12-08 10:40:22 +01:00
b3bc1b6f81
Let the SummaryNavigationItemRenderer show the worst state
...
fixes #11185
2016-12-08 10:40:22 +01:00
8c2b6ae665
Conform to coding guidelines
...
refs #12634
2016-12-07 18:33:26 +01:00
69c8ed471b
FilterEditor: add possibility to fold and unfold filter by click
...
refs #12634
Signed-off-by: Alexander A. Klimov <alexander.klimov@icinga.com>
2016-12-07 18:26:45 +01:00
4205eb4cc9
nl2br helper: convert also raw newlines
2016-12-05 13:33:11 +01:00
e549c44247
Don't show exception when no announcement has been created
...
refs #11198
2016-11-29 16:32:30 +01:00
39c7451664
Implement announcements
...
refs #11198
2016-11-29 15:24:34 +01:00
Johannes Meyer
Eric Lippmann
Alexander A. Klimov
lippserd
Markus Frosch
Noah Hilverling
Michael Friedrich
Johannes Meyer