As gluon-web uses standard multipart/form-data requests, browsers don't
enforce any cross-origin restrictions. To prevent malicious injection of
POST requests into the config mode, match the Origin header against the
Host header of the request.
Actually raise an error and turn it into an HTTP 400 return code when
something goes wrong, rather than ignoring the error.
We also improve the conditions under which errors are thrown before
pump() is called: We don't need to check for the multipart/form-data
content-type twice, and a POST without this content-type is now always
an error.
By applying a label `backport <branch>` the action will automatically
try to cherry-pick the change to the target branch after the pull
request was successfully merged.
Swap the interfaces so than the PoE input port LAN0 is used for WAN and
config mode, and LAN1 becomes LAN.
To this end, the code previously used for ar71xx and removed in
commit 9fdc57c175 ("treewide: drop ar71xx platform specific code") is
reintroduced.
Fixes#2384
There wasn't really a reason to have a separate script to set a single
value.
In addition, the old script was using the identifier 'c' instead of
'uci' for the UCI cursor. Following the convention of the other scripts
is helpful so it is easy to grep for all uses of a certain config file/
option.
Iterating over all the package directories in the OpenWrt feed takes a
while, even though it doesn't contain any upgrade scripts. Skip the
whole directory.
1472a8fa42 procd: update to git HEAD
015f170fe6 procd: update to git HEAD
cd5ba0cfbb ustream-ssl: variants conflict with each other
6eced97ce4 lantiq: flag FritzBox 7360 family buttons active-low
b59f3b08b4 firmware-utils: tplink-safeloader: fix Archer A7v5 factory flashing from vendor fw > v1.1.x
43d105ec2a kernel: bump 5.4 to 5.4.171
1db847488d ath79: rb912: fix pll init issues
6ced8cad8e kernel: backport workaround for Realtek RTL8672 and RTL9601C chips
77ee281a3e kernel: add kmod-ledtrig-pattern
aa2de44cdd kernel: fix AutoLoad parameter for uleds module
bc37a699e5 kernel: add kmod-leds-uleds
96b5962704 mvebu: remove patch that was applied into linux stable
5beaa75d94 openssl: bump to 1.1.1m
93842b20dc bcm4908: include ATF in bootfs images
18b10db2f1 arm-trusted-firmware-bcm63xx: add ATF for Broadcom devices
739e359241 kernel: backport support for multicolor & RGB LEDs to 5.4
608c7dccf2 bcm4908: sysupgrade: add pkgtb format support
b6ed2641df busybox: backport dd support for iflag=count_bytes
7e4485fd5b bcm4908: add uboot-envtools to default packages
4cd5d11fa3 bcm4908: add fdt-utils to default packages
1d4a28d5e1 dtc: support printing binary data with fdtget
ce5d0378bf dtc: import package for dtc & fdt from packages feed
6292d1e354 bcm4908: sysupgrade: refactor handling different firmware formats
a00854040d ipq40xx: specify FritzBox 7530 LAN port label numbers
27225e3538 kernel: ath10k: provide a build variant for small RAM devices
104774c3b0 mvebu: puzzle: wan LED and fix default network
47d82f0710 mvebu: enable Aquantia phy driver for Puzzle devices
164ed6069c mvebu: add id for AQR112 Ethernet phy variants
daf4301071 mvebu: import patch enabling AQR113 PHY
ee5750043c mvebu: import patch enabling AQR112 and AQR412 PHY
a03840a1a9 mvebu: puzzle-m901: add LEDs, fan and reset button
280bb7c10c mvebu: puzzle-m902: add GPIO reset button
1e5df4d550 mvebu: puzzle-mcu: improve led driver
99a1e88297 mvebu: puzzle-m902: add driver for MCU driving LEDs, fan and buzzer
3b14ddf8d2 build: fix opkg install step for large package selection
This copies the code from web-admin and uses it to create a neat
cli-accessible summary about a node
This could also be extended or possibly have all the data the status
page has
Co-Authored-By: Matthias Schiffer <mschiffer@universe-factory.net>
The following features are available in Busybox ash, so we don't need to
warn about them for runtime scripts:
- local keyword
- echo -n / -e
- String indexing
These warnings are new in shellcheck 0.7.2, which would otherwise fail
for various scripts.
0.7.1 complains about unescaped backslashes in double quotes (which are
intepreted by printf in the two affected places). While the warning was
retired with shellcheck 0.7.2, it seems like a good idea to fix it
anyways.
We currently don't have any deprecated devices, so it doesn't make much
sense to force every site to specify this variable. Make it default to 0
instead.
All our targets use the OpenWrt device abstraction. Since commit
6ba58c9b17c90e41b521d796ab76e5723ee017170
("generic: force per-device RootFS") building non-device targets is not
possible anymore, so we can remove these obsolete handlers.
