1885 Commits

Author SHA1 Message Date
Johannes Meyer
ec40efe157 Only open trusted iframe sources by default
Trusted in this case means, it was Icinga Web that
rendered a link and the user followed it. Whether
a source is trustworthy or not is detected by use
of the user's session id to hash it combined with
the source similar to how CSRF tokens are assembled.
2025-03-26 10:25:31 +01:00
Johannes Meyer
484bd26d63 Window: Only accept valid window IDs 2025-03-26 10:24:17 +01:00
Johannes Meyer
2b08d88edf Url: Always compare host and port to identify external urls 2025-03-26 10:23:31 +01:00
Yoda-BZH
4eadfd0ace View: Consider letter a legacy icon name 2024-11-28 16:55:59 +01:00
Johannes Meyer
e34c174db9 url.php: Add partial support for fontawesome
Partial because the helper method is not the preferred way
anymore to create an icon. So I simplified the detection
to only check whether the given icon is a legacy one, as
those are smaller in number. Though, this leads to some fa
icons being identified as legacy, as the names equal. But,
it's the legacy helper after all... Anyone wanting to make
sure to get fontawesome icons, must add the `fa-` prefix.
2024-11-04 10:26:06 +01:00
Johannes Meyer
81a3be74f3 Dashboard: Don't merge already existing dashlets
fixes #5203
2024-08-13 11:37:12 +02:00
Johannes Meyer
b3bffa7832 Tab(s): Fix doc types 2024-04-15 13:02:10 +02:00
Johannes Meyer
a734aca11b Controller: Fix doc of httpNotFound and httpBadRequest 2024-04-15 13:02:10 +02:00
Johannes Meyer
a2c143d75e Response: Only preserve showCompact for explicit redirects
In case of a `__SELF__` redirect, the client should still have
the parameter in the location and it's preserved this way then.
2023-10-27 10:15:47 +02:00
Johannes Meyer
e5f6fc276a ActionController: Always reload window when redirecting to the login
This ensures that, if CSP is enabled, the newly created token on the
login is accepted by the browser. A small, but IMHO desired, side
effect is that the login now always appears in the default theme.

fixes #5126
2023-09-28 10:35:18 +02:00
Yonas Habteab
26cae8b882 Rename MigrationHook -> DbMigrationHook 2023-09-19 14:37:55 +02:00
Yonas Habteab
ce89d4a7cb Rename Common\DbMigration -> DbMigrationStep 2023-09-19 14:37:55 +02:00
Yonas Habteab
12bc95099e Don't raise unhandled exceptions in menu context 2023-09-19 14:37:55 +02:00
Yonas Habteab
a167b6d21a Rename migration list item classes 2023-09-19 14:37:55 +02:00
Yonas Habteab
821a6812ae Use EmptyState(Bar) classes where applicable 2023-09-19 14:37:55 +02:00
Florian Strohmaier
7e313c921a MigrationListItemMinimal: Customize markup for styling 2023-09-19 14:37:55 +02:00
Yonas Habteab
a00f094e10 Add extra collapsible container around error section 2023-09-19 14:37:55 +02:00
Yonas Habteab
ad02431bd1 Add extra class to outer item lists & render subject header in the error box 2023-09-19 14:37:55 +02:00
Yonas Habteab
192a21b668 Don't use strong tag to highlight unselectable items 2023-09-19 14:37:55 +02:00
Yonas Habteab
fb33a2097a Differentiate migrations with no provided descriptions 2023-09-19 14:37:55 +02:00
Yonas Habteab
1da5487066 Introduce MigrationsController & add pending migrations list in about view 2023-09-19 14:37:55 +02:00
Yonas Habteab
85b63dd067 Introduce migration ListItem & ItemList classes 2023-09-19 14:37:55 +02:00
Yonas Habteab
ab96f66e72 Add never return type to redirect methods 2023-09-07 15:33:39 +02:00
Johannes Meyer
36d4e6db29 Response: Fix backwards compatibility for __CLOSE__
If the redirect target changes, `__CLOSE__` has no effect

fixes #5081
2023-09-07 13:51:55 +02:00
Johannes Meyer
d8e313af6c JsonResponse: Fix documentation of sendResponse 2023-09-05 16:19:41 +02:00
Sukhwinder Dhillon
f283c81ed2 ActionController: Always read icingaweb config for csp
Method `$this->Config()` returns config based on current module.
2023-08-30 10:04:46 +02:00
raviks789
33a5f765b9 Use style element to create css class for dynamic inline style
The `style` element with `nonce` attribute is used to create css classes for
inline styles that are not static. This prevents Content-Security-Policy violations.
2023-08-28 16:40:33 +02:00
raviks789
459f4198c3 Replace static inline styles with css class
The static inline styles are replaced with css class to avoid Content-Security-Policy violations.
2023-08-28 16:30:12 +02:00
Johannes Meyer
e3ebe109eb Enable strict CSP if configured 2023-08-28 12:42:32 +02:00
Yonas Habteab
a965b5c44b Fix argument type hints 2023-08-23 10:53:15 +02:00
raviks789
19151763af UrlParams: Fix parameter types of addValues() method 2023-08-23 10:53:15 +02:00
raviks789
eed1b0a680 Url: Fix type of parameter $values of with() method 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
907486ccac NavigationItemRenderer::setOptions(): Add missing return statement 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
ee9d139a3a PhpDoc: Fix incorrect @param and @return type hints 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
5e671e02af Wizard: Fix throw exception 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
302bf3ef54 Tabs: Add $tab_class explicitly as non-dynamic property 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
30b91b9cd2 Tabs: Method render() does not expect any param and import missing Exception class 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
29b2ed22b9 AbstractWidget: Method render() does not expect any param 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
e2e582b095 Navigation/-Item: Fix Variable '$classPath' is probably undefined 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
eeff32d4ce AuthBackendController: Fix Variable '$backend' is probably undefined 2023-08-23 10:53:14 +02:00
raviks789
c4a3cee94a UrlParams: Fix type for parameter $default of method get()
The parameter `default` can be null, string, int or bool.
2023-08-23 10:53:14 +02:00
raviks789
c46446e17f Url: Fix type for parameter $value of method setParam() 2023-08-23 10:53:14 +02:00
raviks789
2a4f448c3e Url: Use Icinga\Web\Request instead of Zend_Request or Zend_Abstract_Request 2023-08-23 10:53:14 +02:00
raviks789
e946ed1f0e UrlParams: Fix type for parameter $default of method getValues() 2023-08-23 10:53:14 +02:00
raviks789
d5e93a9d68 UrlParams: Fix type for parameter $value of method add()
The parameter `$value` can be null, string or bool.
2023-08-23 10:53:14 +02:00
raviks789
22c790ea48 ActionController: Avoid void return in __call() magic method 2023-08-23 10:53:13 +02:00
raviks789
6b0244f247 ActionController: Declare property $view 2023-08-23 10:53:13 +02:00
raviks789
2db4e35b78 Button: Import class Zend_Config
The parameters for the constructor can be of type `Zend_Config`. Hence the class has been imported.
2023-08-23 10:53:13 +02:00
raviks789
f05d76e05e FormElement: Fix the return type of loadDefaultDecorators() 2023-08-23 10:53:13 +02:00
raviks789
4108b6b4cc Navigation: Cast string to int to perform addition
In `library/Icinga/Web/Navigation/Navigation::merge()` the result of `preg_match`
must be cast to int before adding 1 to it.
2023-08-23 10:53:13 +02:00