diff options
Diffstat (limited to 'usr/local')
-rw-r--r-- | usr/local/www/system_advanced_admin.php | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/usr/local/www/system_advanced_admin.php b/usr/local/www/system_advanced_admin.php index f34d1c7..7875802 100644 --- a/usr/local/www/system_advanced_admin.php +++ b/usr/local/www/system_advanced_admin.php @@ -3,7 +3,7 @@ /* system_advanced_admin.php part of pfSense - Copyright (C) 2005-2007 Scott Ullrich + Copyright (C) 2005-2010 Scott Ullrich Copyright (C) 2008 Shrew Soft Inc @@ -56,6 +56,7 @@ $pconfig['disablehttpredirect'] = isset($config['system']['webgui']['disablehttp $pconfig['disableconsolemenu'] = isset($config['system']['disableconsolemenu']); $pconfig['noantilockout'] = isset($config['system']['webgui']['noantilockout']); $pconfig['nodnsrebindcheck'] = isset($config['system']['webgui']['nodnsrebindcheck']); +$pconfig['nohttpreferercheck'] = isset($config['system']['webgui']['nohttpreferercheck']); $pconfig['althostnames'] = $config['system']['webgui']['althostnames']; $pconfig['enableserial'] = $config['system']['enableserial']; $pconfig['enablesshd'] = $config['system']['enablesshd']; @@ -140,6 +141,11 @@ if ($_POST) { else unset($config['system']['webgui']['nodnsrebindcheck']); + if ($_POST['nohttpreferercheck'] == "yes") + $config['system']['webgui']['nohttpreferercheck'] = true; + else + unset($config['system']['webgui']['nohttpreferercheck']); + if ($_POST['althostnames']) $config['system']['webgui']['althostnames'] = $_POST['althostnames']; else @@ -360,6 +366,18 @@ function prot_change() { </td> </tr> <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Browser HTTP_REFERER enforcement"); ?></td> + <td width="78%" class="vtable"> + <input name="nohttpreferercheck" type="checkbox" id="nohttpreferercheck" value="yes" <?php if ($pconfig['nohttpreferercheck']) echo "checked"; ?> /> + <strong><?=gettext("Disable HTTP_REFERER enforcement check"); ?></strong> + <br/> + <?php echo gettext("When this is unchecked, access to the webConfigurator " . + "is protected against HTTP_REFERER redirection attempts. " . + "Check this box to disable this protection if you find that it interferes with " . + "webConfigurator access in certain corner cases such as using 3rd party scripts to interact with pfSense. More information on HTTP_REFERER is available from <a href='http://en.wikipedia.org/wiki/HTTP_referrer'>Wikipedia</a>."); ?> + </td> + </tr> + <tr> <td colspan="2" class="list" height="12"> </td> </tr> <tr> |