Commit graph

9 commits

Author SHA1 Message Date
glaszig
da69d3d768 send CSRF token in a response header,
update the page's CSRF tokens with the new token
from the response header,
verify csrf token in ajax endpoints,
initialize a session for every endpoint
2019-08-06 21:34:58 +02:00
glaszig
87fe8948b8 remove splattered, duplicated csrf validation code
since we do that always and early, now.
2019-08-06 20:55:16 +02:00
glaszig
3db99c7d21 * escape html entities in network interface settings
the command `ip address show eth0` returns
special characters like "<" and ">" which, if left
unescaped and shown on the page, will create
arbitrary html elements and hide information.

* show interface settings inside unstyled pre block

interface properties should be parsed and displayed
in a proprietary and pretty manner. until then, give
use the raw output of `ip address show`
2019-07-31 04:04:38 +02:00
Jon van Noort
6e33e4c882 changed call to parse_ini_file() to use INI_SCANNER_RAW, so that ini values are parsed as expected 2019-07-18 04:17:19 +08:00
D9ping
182a6509e9 Don't allow to read ini file everywhere on filesystem.
Signed-off-by: D9ping <D9ping@users.noreply.github.com>
2018-08-06 15:02:57 +02:00
D9ping
2b03fa316d Escape client input, console output etc. before doing any echo.
Signed-off-by: D9ping <D9ping@users.noreply.github.com>
2018-08-04 02:05:56 +02:00
Lawrence
7845c8908b Initial commit to enable logging for hostapd 2017-11-02 22:13:36 +08:00
Lawrence
8d77295fd3 Updated sudoers to accomodate restarting dhcpcd to apply network settings.
Updated installer to insert new lines
Created files to generate / modify / save dhcpcd files and networking configuration
2017-10-30 02:21:34 +08:00
Lawrence
7749b79e2f Implemented start of web interface to update Static IP addresses or use DHCP.
Currently saves to files in /etc/raspap/networking, still need to build something to generate a working config for dhcpcd
2017-10-28 02:40:30 +08:00