Commit message | Author | Age | Files | Lines |
---|---|---|---|---|
Upon restoring a config, replacing whole sections, or editing config.xml in edit.php, prevent possible accidental lockout from DNS rebind and HTTP referrer checks by disabling them until reboot or the next time they pass, whichever comes sooner. Ticket #1027 | Erik Fonnesbeck | 2010-11-21 | 1 | -1/+3 |
Fix reading the ip from the right file for dyndns. | Ermal | 2010-11-19 | 1 | -9/+9 |
When the local port is left blank on an OpenVPN client, use 'lport 0' to direct the client to use a random source port. Fixes #1025 | jim-p | 2010-11-19 | 1 | -1/+1 |
Save the host name and domain to a temporary location until the setup wizard is finished to prevent triggering the DNS rebind message. Fixes #1022. Also use this information to implement the redirect for changed host for ticket #455 | Erik Fonnesbeck | 2010-11-18 | 2 | -3/+18 |
Handling this properly when the web gui is on an alternate port number. | Erik Fonnesbeck | 2010-11-18 | 1 | -3/+5 |
Make this check more general in case someone makes a wizard that changes an opt interface's IP address and wants to use the "Reload in progress" step. Ticket #455 | Erik Fonnesbeck | 2010-11-17 | 1 | -4/+8 |
Properly reflect ports in the GUI view of the anti-lockout rule since Ermal's changes restricted it to only ssh/gui ports. | jim-p | 2010-11-17 | 1 | -2/+17 |
Show CRL download link only for imported certificates or CRLs with revoked certificates. | jim-p | 2010-11-17 | 1 | -0/+2 |
Some CRL fixes. | jim-p | 2010-11-17 | 1 | -5/+7 |
Ticket #1017. Put a @ before each fwrite to silence errors. Also setup the log file in the beginning rather than on each individual function. | Ermal | 2010-11-17 | 1 | -1/+1 |
Resolves #1018. Provide a more unique host name for the file. | Ermal | 2010-11-17 | 1 | -1/+1 |
Add workaround for referrer check to not be triggered on the previous IP address when redirected by the setup wizard. | Erik Fonnesbeck | 2010-11-17 | 1 | -1/+3 |
Redirect to the correct IP at the end of the setup wizard if accessing it on an IP address that was changed. Fixes #455 | Erik Fonnesbeck | 2010-11-17 | 1 | -2/+10 |
Fix typo in comment. | jim-p | 2010-11-16 | 1 | -1/+1 |
Ensure this is an array before entering the foreach loop. Fixes #1012 | Erik Fonnesbeck | 2010-11-16 | 1 | -7/+9 |
Avoid exec() and use php calls. | Ermal | 2010-11-16 | 1 | -7/+3 |
* Use pkg_info -E pkgname* for testing if a package is installed. * Do not call eval if we cannot include an .inc file since that will make the whole script fail. * Keep the log from the start to the end without overwriting. This makes debugging and problem reporting easy and explains what is done during installation. * Check return value of download_with_progress_bar to make it possible catching errors during download. * Lots of improvements in between. Related to Ticket #950 | Ermal | 2010-11-16 | 1 | -6/+6 |
Disable CSRF checks on the backup page. | Scott Ullrich | 2010-11-15 | 1 | -0/+1 |
Add nocsrf flag | Scott Ullrich | 2010-11-14 | 2 | -3/+7 |
Fix misnamed form field on CRL import. | jim-p | 2010-11-14 | 1 | -1/+1 |
Fix variable names. Ticket #954 | Erik Fonnesbeck | 2010-11-14 | 1 | -5/+5 |
Fix case of variable name for swap usage. Ticket #477 | Erik Fonnesbeck | 2010-11-14 | 1 | -1/+1 |
Open link in new tab/window | Scott Ullrich | 2010-11-13 | 1 | -1/+1 |
Form image buttons are submit buttons and thus default buttons, causing unwanted behavior with the enter key. Use links instead, where possible. | Erik Fonnesbeck | 2010-11-12 | 8 | -15/+15 |
Add style to rowhelper normal text fields in packages for consistency. | Erik Fonnesbeck | 2010-11-12 | 1 | -1/+1 |
CSRF startup code has been moved to guiconfig.inc | Scott Ullrich | 2010-11-12 | 1 | -4/+0 |
Unbreak AJAX | Scott Ullrich | 2010-11-12 | 1 | -0/+3 |
Misc XSS fixes | Scott Ullrich | 2010-11-12 | 1 | -10/+13 |
Protect against XSS by someone broadcasting an HTML SSID... (better to be safe...) | jim-p | 2010-11-12 | 1 | -1/+1 |
One more potential XSS vector. Not sure how it would have text injected here, but better safe than sorry. | jim-p | 2010-11-12 | 1 | -1/+1 |
More notice XSS fixes. | jim-p | 2010-11-12 | 1 | -4/+4 |
Fix XSS issues | Scott Ullrich | 2010-11-12 | 37 | -145/+144 |
Fix XSS in notices. | jim-p | 2010-11-12 | 1 | -2/+2 |
Bring in XSS id fixes from m0n0wall | Scott Ullrich | 2010-11-12 | 39 | -50/+50 |
Clarify these descriptions a bit more on 1:1 edit. | Erik Fonnesbeck | 2010-11-12 | 1 | -3/+3 |
Handle AJAX | Scott Ullrich | 2010-11-11 | 1 | -0/+4 |
NiftyCheck already included in bottom-loader.js otherwise div mainarea gets rounded twice. | Warren Baker | 2010-11-11 | 1 | -5/+0 |
Small rework of code for applying drag and drop reordering of rules and some extra checks added to fix some potential bugs. Ticket #878. Also minimizes the extent of the changes performed (useful when comparing config.xml files from before and after). | Erik Fonnesbeck | 2010-11-11 | 1 | -19/+18 |
Fix handling of floating rules in the drag and drop reordering code. Fix for part of ticket #878 | Erik Fonnesbeck | 2010-11-11 | 1 | -4/+11 |
Move this function to allow removing it from easyrule. | Erik Fonnesbeck | 2010-11-10 | 2 | -48/+0 |
Fix filter_rules_sort's compare function to know about floating rules so it won't change their order. | Erik Fonnesbeck | 2010-11-10 | 2 | -24/+12 |
Use this sort before saving, so the rule just added is sorted into the proper category like the rest. | Erik Fonnesbeck | 2010-11-10 | 1 | -0/+1 |
Unbreak graphs | Scott Ullrich | 2010-11-10 | 2 | -2/+3 |
Copy logic for when to show the cellular tab from status_rrd_graph.php. Fixes #714 | jim-p | 2010-11-10 | 1 | -1/+1 |
Return this field to its old name to prevent a conflict of names and since the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation of the user (either could still be changed afterward). | Erik Fonnesbeck | 2010-11-10 | 1 | -1/+1 |
Only use escapeshellarg when passing the arguments to the shell. Fixes #1005 | jim-p | 2010-11-10 | 1 | -5/+3 |
* Call get_configured_interface_* functions only once in the code * Optimize the test if the passed interface is a valid one * Fix the apply settings to actually do something rather than do nothing at all * Some style and whitespace fixes | Ermal | 2010-11-10 | 1 | -43/+46 |
Note that this textbox controls HTTP_REFERER hostname checks as well | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
* Adding function get_configured_ip_addresses() which returns all interfaces and their configured IP address * Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks * Add and enforce HTTP_REFERER check if checkbox is not checked. This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall. | Scott Ullrich | 2010-11-10 | 1 | -1/+19 |
Fix misc XSS issues from davey b | Scott Ullrich | 2010-11-10 | 7 | -22/+22 |