urls.py: fix typo
pfconfigxml: accept #comments in textarea params
map markers, at least !
update-geoinfos: add idp.name in output
rc.sh: launch syncdata (metadata+geo) juste after start
s/id/ID/ for xmlsec1 verification
remove useless file
www: syncdata when federations are modified
rc.sh: better logging
add get_federations in pfconfigxml.py
add update-metadatas command and script
update-geoinfos.sh = manage geoinfos + lock
update-geoinfos.py: dont print when randomize geos
Merge branch 'RELENG_2_1' into UNIVNAUTES_2_1
Remove some redundancy and simplify changes made on last commit
Replace GET by POST, it fixes #3833
Do not reconfigure dhcpd twice on secondary after config sync. Fixes #3797
Alias name cannot have more than 31 chars, add maxlength here just as an extra check. Ticket #3827
useless import os
get CONFIG_XML path from settings or os.environ
remove obsolete update_geoinfos.py script
update-geoinfos command
reorganize the project (again), all in "sp" app
map: add static tiles
map: proxy in django, lighttpd is crap
add 'base' in INSTALLED_APPS
templates are now in base
use collectstatic
store static and templates in an 'base' application
caref is useless in federation metadata
add update_federations.py script (draft)
add update_geoinfos.py script
sp/settings.py: AUTH params in settings.py
Fix text description for interface mismatch, fixes #3820
Merge branch 'RELENG_2_1' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_1
fix top nav to fit gold in non-default themes
non-css parts of gold menu
fix spacing in pfsense_ng topnav
Ensure this is always an array to avoid a PHP error from foreach.
Do not reset source and destination port range values when it's an associated rule created by nat port forward. It fixes #3778
Avoid generating an invalid racoon config if the user specified a mobile pool that is too small.
Require click-through POST confirmation when restoring or deleting a configuation from the backup history page.
Remove javascript alert DNS resolution action from the firewall log view. It was already removed from 2.2, and it's better not to allow a GET action to perform that action.
Do not execute on GET, only pre-fill Host box so the user can press the button to execute. Turn alias creation links into submit buttons for POST. While here, remove some backticks and simplify a little.
Shorten the wait at "reload" in startup wizard to 5 seconds from 60. That's more than adequate for current systems, no need to make people sit there for 1 minute. Many likely click out via the logo and miss the last screen entirely.
Encode interface/VIP descriptions before displaying them on the GRE and GIF pages also;While here, the GRE page was missing IP aliases from its list of bind IPs, add it in.
Encode interface/VIP descriptions before displaying them on the NTP daemon settings.
Encode the detail field of an alias entry before displaying its contents back to the user.
Escape the individual dnsmasq advanced/custom options
Fix input validation logic on diag_testport.php, escape more shell arguments for good measure
pfconfigxml.py: add fault tolerant
config federation: add a codename field
config whitelist: hint
config whitelist: add a codename field
saml_federation: a federation can be enabled/disabled
univnautes/sp: views: homepage is just a templateview
univnautes/sp: update settings.py
univnautes/sp: context processor sets "idps" list
univnautes/sp: update templates & static
saml_sp config: add 'defaultidps' param
sp: first UI parameters in pfsense config
sp/settings.py: some values from config.xml
add whitelists configuration
disable IdP configuration pages
captiveportal/saml: redirect to a SP univnautes
sp: loaddata after syncdb
secret.key created in /usr/local/univnautes/sp/
rm secret.key, added to .gitignore
rm lighty-univnautes-CaptivePortal-SSL.conf (useless)
sp/rc.sh fixes
add /usr/local/univnautes sp (first draft)
Allow hostnames in bulk import since they are valid entries in a network type alias.
idp: none choice for certref
Change Cancel button to call history.back() as done in Firewall Rules, the current method has issues with IE 11, it should fix #3728
CP: add "saml" choice in authentication methods
use certref/caref instead of refca/refcert
add services_captiveportal_saml pages
Fix #3725:
- Fix match_filter_field() and also simplify logic- Fix $filterfieldsarray initialization- Avoid to have double spaces on filterfieldsarray['act']- Fix filter on Firewall Logs
new logon.png with univnautes logo
Merge pull request #1208 from razzfazz/nat_add_missing_protocols
Remove also . and / from graph
Fix status_rrd_graph_img.php and also improve it:
- Remove escapeshellarg that broke command line- Only remove dangerous chars to avoid command injection- Replace all `hostname` calls by php_uname('n')- Replace all `date` calls by strftime()- Add $_gb to collect possibly garbage from exec return
Make sure single quotes are encoded and avoid javascript injection
Use CDATA for javascript
Fix indent and whitespaces
Simplify logic, add some protection to user input parameters
Fix whitespaces and indent
We need to allow subdirectories under /usr/local/pkg, here is the proper fix
Protect servicestatusfilter parameter with htmlspecialchars()
Protect rssfeed parameters with htmlspecialchars()
Avoid directory traversal on restorefullbackup
Fix core dump on viewing invalid package log
Remove . and / from pkg name to avoid directory traversal
Remove id=0 from miniupnpd menu and shortcut
Avoid directory traversal when reading package xml files, also check if file exists before try to read it
Make sure variables are escaped, also replace exec calls to run rm by unlink_if_exists()