upstream/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2026-04-22 14:53:07 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
14265 commits 138 branches 78 tags 77 MiB
Commit graph

1897 commits

Author SHA1 Message Date
Alexander A. Klimov
8533c5eea2 Use Hook\Essentials::all(), not Hook::all() 
to ease finding usages and to be a good example for future hooks.

Same with `register()`, `first()` and `has()`.
 2026-04-13 11:35:04 +02:00
Eric Lippmann
662de28f85 License source files as GPL-3.0-or-later 
Add SPDX license headers and mark source files as GPL-3.0-or-later to
preserve the option to relicense under later GPL versions.
 2026-03-26 17:49:26 +01:00
jrauh01
6ae99807b1
Add RequestHook (#5433) 2026-03-26 14:25:31 +01:00
Bastian Lederer
21b50939e5 Avoid passing null as ipl\Html form element $name 
Forward compatibility fix: `ipl\Html` will introduce strict types, which
declares `$name` as string. Passing `null` will result in a `TypeError` once
strict types are enforced.
 2026-03-19 22:27:41 +01:00
Bastian Lederer
5b2747e9cd Only set session.sid_bits_per_character for PHP < 8.4 
PHP 8.4 has deprecated `session.sid_bits_per_character` along with
`session.sid_length`, as part of a broader effort to standardize session ID
generation for improved security and interoperability.
 2026-03-10 16:40:27 +01:00
Bastian Lederer
f868f4d9d6 Avoid passing null as key in array_key_exists() 
Calling `array_key_exists()` with a `null` key is deprecated as of PHP 8.5.
 2026-03-10 16:40:27 +01:00
Bastian Lederer
ea0ce32bc9 Change implicit nullable type declaration to explicit 
Since PHP 8.4 implicitly nullable parameter types are deprecated.

Normalize scoped PHPDoc for nullable-parameter updates: use `?Type` instead of
`Type|null`, remove column alignment, and indent continuation lines with 2
spaces.

Co-authored-by: "Eric Lippmann <eric.lippmann@icinga.com>"
 2026-03-10 16:40:27 +01:00
Alexander Aleksandrovič Klimov
8603044881 Fix typo in code comment 2025-08-22 15:46:59 +02:00
Johannes Meyer
5d71d09e54 StyleSheet: Do not rely on config to trigger auth 
fixes #5385
 2025-07-08 16:47:02 +02:00
Johannes Rauh
aa7a60c893 Replace search icon png with fontawesome icon 2025-05-08 08:37:37 +02:00
Johannes Rauh
05f9e7c5ee Show label as navigation flyout header 2025-04-30 15:29:59 +02:00
Johannes Meyer
6c7f1e5466 Dashlet: Properly embed iframe urls 
fixes #5346
 2025-04-01 11:19:00 +02:00
Johannes Meyer
ec40efe157 Only open trusted iframe sources by default 
Trusted in this case means, it was Icinga Web that
rendered a link and the user followed it. Whether
a source is trustworthy or not is detected by use
of the user's session id to hash it combined with
the source similar to how CSRF tokens are assembled.
 2025-03-26 10:25:31 +01:00
Johannes Meyer
484bd26d63 Window: Only accept valid window IDs 2025-03-26 10:24:17 +01:00
Johannes Meyer
2b08d88edf Url: Always compare host and port to identify external urls 2025-03-26 10:23:31 +01:00
Yoda-BZH
4eadfd0ace
View: Consider letter a legacy icon name 2024-11-28 16:55:59 +01:00
Johannes Meyer
e34c174db9 url.php: Add partial support for fontawesome 
Partial because the helper method is not the preferred way
anymore to create an icon. So I simplified the detection
to only check whether the given icon is a legacy one, as
those are smaller in number. Though, this leads to some fa
icons being identified as legacy, as the names equal. But,
it's the legacy helper after all... Anyone wanting to make
sure to get fontawesome icons, must add the `fa-` prefix.
 2024-11-04 10:26:06 +01:00
Johannes Meyer
81a3be74f3 Dashboard: Don't merge already existing dashlets 
fixes #5203
 2024-08-13 11:37:12 +02:00
Johannes Meyer
b3bffa7832 Tab(s): Fix doc types 2024-04-15 13:02:10 +02:00
Johannes Meyer
a734aca11b Controller: Fix doc of httpNotFound and httpBadRequest 2024-04-15 13:02:10 +02:00
Johannes Meyer
a2c143d75e Response: Only preserve showCompact for explicit redirects 
In case of a `__SELF__` redirect, the client should still have
the parameter in the location and its preserved this way then.
 2023-10-27 10:15:47 +02:00
Johannes Meyer
e5f6fc276a ActionController: Always reload window when redirecting to the login 
This ensures that, if CSP is enabled, the newly created token on the
login is accepted by the browser. A small, but IMHO desired, side
effect is that the login now always appears in the default theme.

fixes #5126
 2023-09-28 10:35:18 +02:00
Yonas Habteab
26cae8b882 Rename MigrationHook -> DbMigrationHook 2023-09-19 14:37:55 +02:00
Yonas Habteab
ce89d4a7cb Rename Common\DbMigration -> DbMigrationStep 2023-09-19 14:37:55 +02:00
Yonas Habteab
12bc95099e Don't raise unhandled exceptions in menu context 2023-09-19 14:37:55 +02:00
Yonas Habteab
a167b6d21a Rename migration list item classes 2023-09-19 14:37:55 +02:00
Yonas Habteab
821a6812ae Use EmptyState(Bar) classes where applicable 2023-09-19 14:37:55 +02:00
Florian Strohmaier
7e313c921a MigrationListItemMinimal: Customize markup for styling 2023-09-19 14:37:55 +02:00
Yonas Habteab
a00f094e10 Add extra collapsible container around error section 2023-09-19 14:37:55 +02:00
Yonas Habteab
ad02431bd1 Add extra class to outer item lists & render subject header in the error box 2023-09-19 14:37:55 +02:00
Yonas Habteab
192a21b668 Don't use strong tag to highlight unselectable items 2023-09-19 14:37:55 +02:00
Yonas Habteab
fb33a2097a Defferentiate migrations with no provided descriptions 2023-09-19 14:37:55 +02:00
Yonas Habteab
1da5487066 Introduce MigrationsController & add pending migrations list in about view 2023-09-19 14:37:55 +02:00
Yonas Habteab
85b63dd067 Introduce migration ListItem & ItemList classes 2023-09-19 14:37:55 +02:00
Yonas Habteab
ab96f66e72 Add never return type to redirect methods 2023-09-07 15:33:39 +02:00
Johannes Meyer
36d4e6db29 Response: Fix backwards compatibilty for __CLOSE__ 
If the redirect target changes, `__CLOSE__` has no effect

fixes #5081
 2023-09-07 13:51:55 +02:00
Johannes Meyer
d8e313af6c JsonResponse: Fix documentation of sendResponse 2023-09-05 16:19:41 +02:00
Sukhwinder Dhillon
f283c81ed2 ActionController: Always read icingaweb config for csp 
Method `$this->Config()` returns config based of current module.
 2023-08-30 10:04:46 +02:00
raviks789
33a5f765b9 Use style element to create css class for dynamic inline style 
The `style` element with `nonce` attribute is used to create css classes for
inline styles that are not static. This prevents Content-Security-Policy violations.
 2023-08-28 16:40:33 +02:00
raviks789
459f4198c3 Replace static inline styles with css class 
The static inline styles are replaced with css class to avoid Content-Security-Policy violations.
 2023-08-28 16:30:12 +02:00
Johannes Meyer
e3ebe109eb Enable strict CSP if configured 2023-08-28 12:42:32 +02:00
Yonas Habteab
a965b5c44b Fix argument type hints 2023-08-23 10:53:15 +02:00
raviks789
19151763af UrlParams: Fix parameter types of addValues() method 2023-08-23 10:53:15 +02:00
raviks789
eed1b0a680 Url: Fix type of parameter $values of with() method 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
907486ccac NavigationItemRenderer::setOptions(): Add missing return statement 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
ee9d139a3a PhpDoc: Fix incorrect @param and @return type hints 2023-08-23 10:53:15 +02:00
Sukhwinder Dhillon
5e671e02af Wizard: Fix throw exception 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
302bf3ef54 Tabs: Add $tab_class explicitly as non-dynamic property 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
30b91b9cd2 Tabs: Method render() does not expect any param and import missing Exception class 2023-08-23 10:53:14 +02:00
Sukhwinder Dhillon
29b2ed22b9 AbstractWidget: Method render() does not expect any param 2023-08-23 10:53:14 +02:00