After some email discussion with Adam, there is a preference to also prevent $splashPage from using variables
Signed-off-by: craigmayhew <craig@mayhew.io>
* fix favicon
* add meta charset
* add html lang
* add a page title
* remove unneeded html end tags
* fix viewport tag to allow zooming
* compress the "blocked by Pi-hole" SVG
* remove trailing spaces
* switch to double colon pseudo elements (works from IE9 and newer)
* add missing vendor prefixes
* other minor tweaks
* add `Access-Control-Allow-Origin` header to all font types
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
Avoiding calling empty() on a function allows this to work under PHP5. Making the check for blocklist generation in this way instead is compatible with both PHP5 and PHP7.
Signed-off-by: Rob Gill <rrobgill@protonmail.com>
* Use inverse if statement, instead of IF/ELSE when checking setupVars.conf
* Remove $svFQDN
* Add or elaborate on more comments
* Add $serverName to $authorizedHosts if admin has specified `setenv.add-environment = ("fqdn" => "true")` within lighttpd's external.conf
* e.g: `$HTTP["host"] == "pihole.domain.com" { setenv.add-environment = ("fqdn" => "true") }`
* Move "No exact results" check to top of exception handling
* Remove unnecessary IF/ELSE when handling $queryAds error
Signed off by WaLLy3K <wally3k@pi-hole.net>
If Pi-Hole is behind a reverse proxy that uses SSL, then the block page will not load resources such as `blockingpage.css` and `jquery.min.js` as the insecure `http://` is hard coded. Browsers will block attempts to load insecure resources if the page is loaded of SSL.
The fix is acheived by checking `$_SERVER['HTTPS']` and setting the variable `$proto` to either `http` or `https`. The harcoded `http` is replaced by the contents of this variable.
Since Pi-hole redirects ad domains to itself, accessing the script via de.ign.com is the same as pi.hole in this case. The fix should be as simple as adding a / before admin on this line.
* An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole
* An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you
* Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html"
* Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image
* Sites that are manually blacklisted will display a notice of this on the block page
* Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is)
* On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled
* Whitelisting is disabled for installs without a password, or if a client does not have Javascript
* Known issues:
* Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL"
* Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN"
* I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain
Craig Mayhew
Michael Paul Killian
Nathan Friend
XhmikosR
Matthias Schoettle
DL6ER
Mcat12
Nils Bergmann
Patrik Cyvoct
Alex Villarreal
Rob Gill
Dan Schaper
Leo MG Nesfield (LMGN)
Keith Bentrup
WaLLy3K
andofrjando
0412465564
Dan Schaper
Flo
raincoats