jim-p
|
2dd57bd95f
|
Also consider 0.0.0.0/0 here since it fails both these tests but is still a valid/special config.
|
2012-12-07 09:33:10 -05:00 |
jim-p
|
94d1cd834d
|
Safety belt checks to fix a PHP error that for whatever reason only appeared in Chrome.
|
2012-11-27 08:29:00 -05:00 |
Chris Buechler
|
9f9df4ec6f
|
remove non-applicable text
|
2012-11-21 01:20:08 -06:00 |
Erik Fonnesbeck
|
2fb548667a
|
Fix special build_commit tag that was broken from previous change to how it read the file with the commit ID.
Backport of c578fb0fc6
|
2012-11-20 22:35:27 -07:00 |
jim-p
|
f16a622038
|
Fixup kernel detection during upgrade process to ensure someone can't end up with a kernel that doesn't exist any more.
|
2012-11-20 09:42:14 -05:00 |
Ermal
|
6acfbc6f49
|
Resolves #2294. Base64 encode the file when sending to the browser same way it is encoded when sent to us. This prevents csrf from mangling things
|
2012-11-20 14:05:24 +00:00 |
jim-p
|
a6f64d3076
|
Only apply this port check for TCP and UDP.
|
2012-11-20 08:31:34 -05:00 |
jim-p
|
e6a2acc15d
|
No need to do this here - we have a System > Advanced option that already controls this. Revert "Do not allow autocomplete of the password field to avoid security issues:"
This reverts commit 6a68440b8a .
|
2012-11-20 08:05:24 -05:00 |
Ermal
|
36f509579f
|
Allow only post action and not get to avoid security problems
|
2012-11-20 09:19:47 +00:00 |
Ermal
|
1e5eedbbb5
|
Remoev exec_raw.php since its a dangerous page
|
2012-11-20 09:08:37 +00:00 |
Ermal
|
d680caf25b
|
Do not process ip options by default this is 2012
|
2012-11-20 08:46:49 +00:00 |
Ermal
|
6a68440b8a
|
Do not allow autocomplete of the password field to avoid security issues:
|
2012-11-20 08:20:52 +00:00 |
Ermal
|
66f445c3bc
|
To allow limiters to work correctly on mutliwan for now enforce selecting a gateway on outgoing
|
2012-11-16 21:29:06 +00:00 |
Ermal Luçi
|
b3f1ef1614
|
Merge pull request #252 from ogunacik/RELENG_2_0
Control whether text and node variables are not null.
|
2012-11-16 08:09:59 -08:00 |
ogun acik
|
772ba79095
|
it was giving error at firebug
|
2012-11-16 17:32:41 +02:00 |
jim-p
|
1213f83cbb
|
Re-add WOL to the services menu, it apparently disappeared in an earlier commit.
|
2012-11-14 20:31:58 -05:00 |
Jim P
|
75de894f72
|
Merge pull request #249 from thomasnoel/RELENG_2_0
cherry-pick last commits to RELENG_2_0
|
2012-11-12 06:05:07 -08:00 |
Thomas NOËL
|
95a3099eae
|
fix last commit (#2679)
|
2012-11-12 15:00:06 +01:00 |
Ermal
|
69fec196d4
|
Resolves #2679. Correct behaviour when port is null to avoid warnings on error log
|
2012-11-12 15:00:02 +01:00 |
Ermal
|
a388261259
|
Resolves #2678. Merge patch suggedted to stop warnings on PHP_errors.log
|
2012-11-12 15:00:00 +01:00 |
Ermal
|
32837bb4ee
|
Use a random exponent for the RSA generation of keys. Its is questionable if its needed to be saved as a value? Ticket #2657
|
2012-11-06 21:31:30 +00:00 |
Jim P
|
19588eae03
|
Merge pull request #245 from ogunacik/RELENG_2_0
fixed paths
|
2012-11-05 05:06:46 -08:00 |
ogun acik
|
8327246694
|
fixed paths
|
2012-11-05 14:35:03 +02:00 |
jim-p
|
7e66977801
|
Make a function to get the current theme and use it everywhere rather than duplicating code or missing functions. (Fixes forced themes using the wrong theme for login screen)
Conflicts:
etc/inc/util.inc
usr/local/www/head.inc
|
2012-11-02 11:06:52 -04:00 |
jim-p
|
7cf76e8bb5
|
Encode the interface parameter before using it in a redirect
|
2012-10-31 14:24:15 -04:00 |
jim-p
|
ee8981553b
|
Encode the if parameter before using it in redirects, too.
|
2012-10-31 14:02:22 -04:00 |
jim-p
|
52ab0384ca
|
Encode the if parameter before using it in html
|
2012-10-31 14:02:01 -04:00 |
jim-p
|
1457cce53e
|
Escape parameters better when managing tables. Fix test to allow deleting subnet entries as well as IPs.
|
2012-10-31 13:33:44 -04:00 |
jim-p
|
56143f06c2
|
Remove debug output
|
2012-10-31 11:38:35 -04:00 |
jim-p
|
23c3ccb6b6
|
Set the CSRF Magic timeout to the same as the session timeout, so that if a user sets a lower session time, the CSRF magic tokens do not outlive the user's session.
|
2012-10-31 09:49:10 -04:00 |
jim-p
|
b3a1733da5
|
Update CSRF Magic
|
2012-10-31 08:39:29 -04:00 |
jim-p
|
80ff6bfe42
|
Eliminate system calls here, use PHP instead.
|
2012-10-04 10:28:32 -04:00 |
jim-p
|
f5acd06573
|
Sanitize some variables
Discovered-By: Yann CAM
|
2012-10-04 09:24:40 -04:00 |
jim-p
|
fa9f5ff99f
|
Verify posted kernel type against a defined list of good values.
Discovered-By: Yann CAM
|
2012-10-04 08:55:56 -04:00 |
jim-p
|
d729dbeb30
|
Fix reference to limitrules
|
2012-10-04 08:20:05 -04:00 |
smos
|
a9f0df6964
|
Make sure that the limits are included in the normal ruleset, otherwise pf will use the defaults.
|
2012-10-02 09:25:44 -04:00 |
jim-p
|
fdcc1b82fc
|
Don't die silently if the time is too far off. Fix from: dhatz
|
2012-10-02 09:25:38 -04:00 |
Darren Embry
|
6fda15a967
|
fix for: Output from CSRF magic mangles files in Diagnostics > Edit File
http://redmine.pfsense.org/issues/2294
|
2012-09-17 08:38:19 -04:00 |
jim-p
|
82f6b8e0de
|
Use a better link here.
|
2012-09-12 12:45:14 -04:00 |
jim-p
|
bca84dfba2
|
Don't skip over wrap_vga here.
|
2012-09-12 12:26:03 -04:00 |
jim-p
|
0888bdfa7b
|
Print a nice large warning on the PPTP page about it no longer being considered secure.
|
2012-09-12 12:18:00 -04:00 |
Ermal
|
d587bbf911
|
Simplify schedules code and some styly nits
|
2012-08-30 06:49:11 +00:00 |
Ermal
|
13f334f349
|
Be consistent on formatting to easy reading
|
2012-08-29 17:37:26 +00:00 |
jim-p
|
116ba6653b
|
Restructure these IP/subnet tests so they don't break transport mode
|
2012-08-27 14:38:45 -04:00 |
jim-p
|
53ac638bf1
|
It's time...
|
2012-08-14 18:41:58 -04:00 |
Ermal
|
bbaeb5c09c
|
Remove extra curly to allow checking braces closure easily in vi[m]
|
2012-08-14 20:28:29 +00:00 |
jim-p
|
8b46d7782a
|
Ensure this gets a set default value or things can break
|
2012-08-01 14:55:08 -04:00 |
jim-p
|
e97c2778ff
|
Protect against a potential infinite loop here.
|
2012-08-01 14:55:04 -04:00 |
jim-p
|
3163c3aa3b
|
Move to RC4... almost there.
|
2012-08-01 12:10:04 -04:00 |
Ermal
|
007bb55f89
|
Silence tar command to not garble console
|
2012-08-01 12:09:41 -04:00 |