Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix XSS in notices. | jim-p | 2010-11-12 | 1 | -2/+2 |
| | |||||
* | Bring in XSS id fixes from m0n0wall | Scott Ullrich | 2010-11-12 | 39 | -50/+50 |
| | |||||
* | Clarify these descriptions a bit more on 1:1 edit. | Erik Fonnesbeck | 2010-11-12 | 1 | -3/+3 |
| | |||||
* | Handle AJAX | Scott Ullrich | 2010-11-11 | 1 | -0/+4 |
| | |||||
* | NiftyCheck already included in bottom-loader.js otherwise div mainarea gets ↵ | Warren Baker | 2010-11-11 | 1 | -5/+0 |
| | | | | rounded twice. | ||||
* | Small rework of code for applying drag and drop reordering of rules and some ↵ | Erik Fonnesbeck | 2010-11-11 | 1 | -19/+18 |
| | | | | | | extra checks added to fix some potential bugs. Ticket #878 Also minimizes the extent of the changes performed (useful when comparing config.xml files from before and after). | ||||
* | Fix handling of floating rules in the drag and drop reordering code. Fix for ↵ | Erik Fonnesbeck | 2010-11-11 | 1 | -4/+11 |
| | | | | part of ticket #878 | ||||
* | Move this function to allow removing it from easyrule. | Erik Fonnesbeck | 2010-11-10 | 2 | -48/+0 |
| | |||||
* | Fix filter_rules_sort's compare function to know about floating rules so it ↵ | Erik Fonnesbeck | 2010-11-10 | 2 | -24/+12 |
| | | | | won't change their order. | ||||
* | Use this sort before saving, so the rule just added is sorted into the ↵ | Erik Fonnesbeck | 2010-11-10 | 1 | -0/+1 |
| | | | | proper category like the rest. | ||||
* | Unbreak graphs | Scott Ullrich | 2010-11-10 | 2 | -2/+3 |
| | |||||
* | Copy logic for when to show the cellular tab from status_rrd_graph.php. ↵ | jim-p | 2010-11-10 | 1 | -1/+1 |
| | | | | Fixes #714 | ||||
* | Return this field to its old name to prevent a conflict of names and since ↵ | Erik Fonnesbeck | 2010-11-10 | 1 | -1/+1 |
| | | | | | | the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation of the user (either could still be changed afterward). | ||||
* | Only use escapeshellarg when passing the arguments to the shell. Fixes #1005 | jim-p | 2010-11-10 | 1 | -5/+3 |
| | |||||
* | * Call get_configured_interface_* functions only once in the code | Ermal | 2010-11-10 | 1 | -43/+46 |
| | | | | | | * Optimize the test if the passed interface is a vaild one * Fix the apply settings to actually do something rather than do nothing at all * Some style and whitespace fixes | ||||
* | Note that this textbox controls HTTP_REFERER hostname checks as well | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
| | |||||
* | * Adding function get_configured_ip_addresses() which returns all interfaces ↵ | Scott Ullrich | 2010-11-10 | 1 | -1/+19 |
| | | | | | | | | | and their configured IP address * Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks * Add and enforce HTTP_REFERER check if checkbox is not checked. This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall. | ||||
* | Fix misc XSS issues from davey b | Scott Ullrich | 2010-11-10 | 7 | -22/+22 |
| | |||||
* | Add option to System: Firmware: Settings for running gitsync after ↵ | Erik Fonnesbeck | 2010-11-10 | 1 | -0/+38 |
| | | | | installing an update, hidden/disabled if git has not been installed yet. | ||||
* | Ensure csrf magic is loaded | Scott Ullrich | 2010-11-09 | 1 | -0/+1 |
| | |||||
* | Fix Misc XSS issues | Scott Ullrich | 2010-11-09 | 3 | -7/+6 |
| | |||||
* | Testing csrf-magic | Scott Ullrich | 2010-11-09 | 2 | -0/+549 |
| | |||||
* | Add a setting for the data type of values used with DHCP option numbers and ↵ | Erik Fonnesbeck | 2010-11-09 | 1 | -7/+59 |
| | | | | input validation for each type. Fixes #962 | ||||
* | Add a function type to the field types allowed, to allow more field types ↵ | Erik Fonnesbeck | 2010-11-09 | 2 | -2/+6 |
| | | | | without directly adding all of them to row helper. | ||||
* | fix input validation for GRE | Chris Buechler | 2010-11-08 | 1 | -2/+2 |
| | |||||
* | Add a button to connect a non-mobile IPsec VPN from Status > IPsec. Sends a ↵ | jim-p | 2010-11-08 | 1 | -0/+26 |
| | | | | ping from a local IP in the p2 subnet (if one exists on the router) to the remote p2 subnet. | ||||
* | Return disabled interfaces as well | Scott Ullrich | 2010-11-08 | 1 | -1/+1 |
| | |||||
* | Return disabled interfaces as well | Scott Ullrich | 2010-11-08 | 2 | -2/+2 |
| | |||||
* | Recent move (d32d3970d58683d02f89073103eb595eaa8f395f) of routed/ items ↵ | Warren Baker | 2010-11-08 | 1 | -5/+5 |
| | | | | required additional files to be updated to reflect correct path. | ||||
* | Do not use sub array | Scott Ullrich | 2010-11-06 | 1 | -2/+2 |
| | |||||
* | Make sure ipsec is incuded in valid interfaces | Scott Ullrich | 2010-11-06 | 1 | -2/+3 |
| | |||||
* | Move Note to bottom of page | Scott Ullrich | 2010-11-06 | 1 | -1/+1 |
| | |||||
* | Show interface description | Scott Ullrich | 2010-11-06 | 1 | -2/+2 |
| | |||||
* | Interface names should appear as uppercase | Scott Ullrich | 2010-11-06 | 1 | -2/+2 |
| | |||||
* | Interface names should appear as uppercase | Scott Ullrich | 2010-11-06 | 1 | -1/+1 |
| | |||||
* | Do not escape strings twice | Scott Ullrich | 2010-11-06 | 1 | -1/+1 |
| | |||||
* | Misc fixes. Use htmlspecialchars() in more places. Use escaped shell argument. | Scott Ullrich | 2010-11-06 | 1 | -6/+6 |
| | |||||
* | Interface names should appear as uppercase | Scott Ullrich | 2010-11-06 | 1 | -1/+1 |
| | |||||
* | Interface names should appear as uppercase | Scott Ullrich | 2010-11-06 | 1 | -1/+1 |
| | |||||
* | Various CRL fixes. | jim-p | 2010-11-06 | 2 | -45/+58 |
| | |||||
* | Interface names should appear as uppercase | Scott Ullrich | 2010-11-06 | 1 | -1/+1 |
| | |||||
* | Define variable a bit earlier in case its shared | Scott Ullrich | 2010-11-06 | 2 | -2/+6 |
| | |||||
* | Use get_configured_interface_list() so Ermal does not yell at me :) | Scott Ullrich | 2010-11-06 | 2 | -13/+2 |
| | |||||
* | Fix misc input validation errors. Move routed/* to same dir as pkg items | Scott Ullrich | 2010-11-06 | 5 | -2/+12 |
| | |||||
* | Ensure passed interface is valid | Scott Ullrich | 2010-11-06 | 1 | -0/+14 |
| | |||||
* | Use htmlspecialchars() for santitized output | Scott Ullrich | 2010-11-06 | 1 | -3/+3 |
| | |||||
* | Ensure that we are working with a proper passed interface.. | Scott Ullrich | 2010-11-06 | 1 | -11/+20 |
| | |||||
* | If the anti-lockout rule is active, show it in the rules list for the LAN ↵ | jim-p | 2010-11-05 | 1 | -0/+32 |
| | | | | interface (or WAN if the interface count is 1, same rules as in filter.inc for putting the rule in the ruleset) | ||||
* | Warn a user when entering the OpenVPN client/server screens that they need a ↵ | jim-p | 2010-11-04 | 2 | -13/+57 |
| | | | | CA/Cert if none exist. | ||||
* | Use addslashes() here to prevent unescaped quotes from causing PHP errors. ↵ | jim-p | 2010-11-04 | 1 | -1/+1 |
| | | | | Fixes advanced/custom options in OpenVPN wizard. |