25 Commits

Author SHA1 Message Date
RD WebDesign
8c0f785351
Replace mg.request_info.request_uri with the variable scriptname
The information from `mg.request_info.request_uri` depends on the URL typed
by the user. This information was used without any sanitization, allowing
an attacker to send crafted links containing anything, including JavaScript
code, which could be loaded and executed in a few pages.

Replacing this value with the `scriptname` variable fixes the issue, since this
variable contains the name of the file currently being executed. This
information cannot be externally manipulated and it is safe to be used on
the page.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
2025-10-19 18:44:52 -03:00
XhmikosR
4aaf7fe0e6 header: move unneeded unauthenticated assets to authenticated
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-06-27 16:43:32 +03:00
Dominik
a07dacab77
header_authenticated.lp: add the hostname li only if it's greater t… (#3501) 2025-06-20 20:38:59 +02:00
XhmikosR
64b4756640
Update chart.js to v4.5.0 (#3516)
* Update chart.js to v4.5.0

Also, switch to the minified file

Signed-off-by: XhmikosR <xhmikosr@gmail.com>

* Update scripts/lua/header_authenticated.lp

Co-authored-by: yubiuser <github@yubiuser.dev>
Signed-off-by: XhmikosR <xhmikosr@gmail.com>

---------

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
Co-authored-by: yubiuser <github@yubiuser.dev>
2025-06-16 15:50:47 +02:00
XhmikosR
293a84439d header: don't hide advanced info since it's always shown
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-06-15 08:13:20 +03:00
XhmikosR
f78257bd8e
header_authenticated.lp: add the hostname li only if it's greater than zero
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-06-02 17:10:47 +03:00
casperklein
f3fd182d00
Add rel="noreferrer" to external hyperlinks
Signed-off-by: casperklein <casperklein@users.noreply.github.com>
2025-05-29 22:57:36 +02:00
yubiuser
24fdb48d3f
Remove horizontal line in hamburger menu
Signed-off-by: yubiuser <github@yubiuser.dev>
2025-05-26 21:17:57 +02:00
XhmikosR
89f4d0af4e
header_authenticated: change documentation icon to solid
It's now consistent with the rest of the icons

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-05-26 09:03:39 +03:00
XhmikosR
66f9c38d03 Make use of the new format_path function to add the current page in body
This will allow us to target specific pages more easily

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-05-04 09:56:56 +03:00
XhmikosR
2dd128fbfb Revert the defer addition for now
There are still cases where we are getting TypeErrors. We should try again after grouping our assets together in all pages.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-04-03 07:52:28 +03:00
DL6ER
58616bc8af
Remove remaining hard-coded /admin/ paths in the web interface
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-31 21:43:57 +02:00
Dominik
071e5edb4a
sidebar: switch to a real button (#3342) 2025-03-27 13:19:36 +01:00
XhmikosR
6c29d5dab8 Logout: fix redirect
Without this, we were getting into a loop with keep alive enabled
when using Firefox.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-24 08:29:40 +02:00
XhmikosR
5036b1df13 Navigation: switch to a real button
Better for accessibility

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-23 19:19:57 +02:00
XhmikosR
1acb80536b Refactor assets loading
* move fonts first
* move CSS and JS along with the rest
* move default auto theme media checks to the HEAD instead of imports

Also, use `script defer`. This makes the JS files non-blocking.

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-23 07:08:37 +02:00
DL6ER
6a6a3911f0
Merge branch 'development' into new/web_prefix
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-18 06:58:10 +01:00
XhmikosR
bbcda8ae28
Fix stray -
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-12 08:13:20 +02:00
DL6ER
5f3bcdac3c
Merge branch 'development' into new/web_prefix
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-09 20:15:59 +01:00
DL6ER
e873dfed2b
Use document.body.dataset instead of defining a hidden <div>
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-09 20:13:33 +01:00
XhmikosR
01a8b8d505 Move image to an external file
It's the original Pi-hole logo, with the following modifications:

* removed colors
* added the classes we need
* added `currentcolor`

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-09 20:01:41 +02:00
DL6ER
f8ef22572a
Store value of pihole.webhome() in a globally available variable instead of calling pihole.webhome() multiple times
Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-03-08 21:37:21 +01:00
XhmikosR
3602a43842 Add missing img dimensions
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2025-03-08 15:51:01 +02:00
Toni Förster
fa77236432
consistent naming for forum
Signed-off-by: Toni Förster <toni.foerster@icloud.com>
2024-12-16 20:38:56 +01:00
yubiuser
1e922a8b29
Move all files from /scripts/pi-hole/ to /scripts/
Signed-off-by: yubiuser <github@yubiuser.dev>
2024-10-28 20:22:09 +01:00