openwrt/luci
1
0
Fork 0
mirror of https://github.com/openwrt/luci.git synced 2026-04-15 19:01:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,842 Commits 17 Branches 13 Tags
5cbd79d7e31c0f0feaea2770bf102bbae7831e3c
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Hauke Mehrtens 5cbd79d7e3 themes: Call striptags() on hostname to prevent XSS 
This calls striptags() on the hostname to prevent any XSS over the
hostname. This should fix CVE-2021-33425 as far as I understood it.

If someone adds some Javascript into system.@system[0].hostname it would
have been directly added to the page, this prevents the problem.

This can only be exploited by someone being able to modify the uci
configuration, normally a user with such privileges could also just
modify the webpage.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-06-09 01:33:44 +02:00
applications
Translated using Weblate (Chinese (Simplified))
2021-06-07 17:48:37 +03:00
build
treewide: replace which with command -v
2020-08-20 15:54:54 -10:00
collections
luci-ssl: switch to WolfSSL
2020-08-31 13:01:55 +03:00
contrib/package
lucihttp: update to latest Git HEAD
2019-07-05 08:27:47 +02:00
docs
docs: update js api docs
2020-08-06 17:58:47 +02:00
libs
Merge pull request #5070 from blocktrron/pr-luci-wifi6
2021-06-05 19:04:11 +02:00
modules
Translated using Weblate (Chinese (Simplified))
2021-06-07 17:48:37 +03:00
protocols
protocols: unify TOS and TTL description strings
2021-06-07 13:59:03 +02:00
themes
themes: Call striptags() on hostname to prevent XSS
2021-06-09 01:33:44 +02:00
.gitignore
luci-base: add support for plural translations and contexts in Lua api
2020-01-25 23:21:35 +01:00
CONTRIBUTING.md
CONTRIBUTING.md: Fix sign_your_work link.
2020-03-01 14:33:20 -08:00
jsdoc.conf.json
docs: various updates
2019-11-07 12:39:24 +01:00
LICENSE
luci.mk
luci.mk: don't run uci-defaults scripts ourself
2021-06-04 23:04:37 +02:00
NOTICE
Update my email addresses in the license headers
2015-01-16 23:49:44 +01:00
package.json
docs: various updates
2019-11-07 12:39:24 +01:00
README.md
docs: various updates
2019-11-07 12:39:24 +01:00

README.md

OpenWrt luci feed

Translation status

Description

This is the OpenWrt "luci"-feed containing LuCI - OpenWrt Configuration Interface.

Usage

This feed is enabled by default. Your feeds.conf.default (or feeds.conf) should contain a line like:

src-git luci https://github.com/openwrt/luci.git

To install all its package definitions, run:

./scripts/feeds update luci
./scripts/feeds install -a -p luci

API Reference

You can browse the generated API documentation directly on Github.

Development

Documentation for developing and extending LuCI can be found in the Wiki

License

See LICENSE file.

Package Guidelines

See CONTRIBUTING.md file.

Translation status

Translation status

Reference in New Issue View Git Blame Copy Permalink
Description
LuCI - OpenWrt Configuration Interface
Readme Apache-2.0 538 MiB
Languages
JavaScript 65.1%
C 17.3%
Lua 6.6%
CSS 3.7%
UnrealScript 3%
Other 4.2%