From: Jo-Philipp Wich Date: Thu, 5 Apr 2018 20:37:37 +0000 (+0200) Subject: treewide: improve handling of page redirections in uci change views X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=731ed77c0bbee7004a6b5645d9a8592a76748a1c;p=oweals%2Fluci.git treewide: improve handling of page redirections in uci change views Instead of passing the full LuCI request url, pass the relative resolved request path instead and filter the received value through the lookup() dispatcher function to only allow paths to actual internal pages. Signed-off-by: Jo-Philipp Wich --- diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua index 9c33d9c18..c3bf66852 100644 --- a/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua +++ b/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua @@ -5,8 +5,7 @@ module("luci.controller.admin.uci", package.seeall) function index() - local redir = luci.http.formvalue("redir", true) or - luci.dispatcher.build_url(unpack(luci.dispatcher.context.request)) + local redir = luci.http.formvalue("redir", true) or table.concat(disp.context.request, "/") entry({"admin", "uci"}, nil, _("Configuration")) entry({"admin", "uci", "changes"}, call("action_changes"), _("Changes"), 40).query = {redir=redir} diff --git a/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm b/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm index c3373604f..6e725c888 100644 --- a/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm +++ b/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm @@ -16,9 +16,9 @@ <% end %>
- <% local r = luci.http.formvalue("redir"); if r and #r > 0 then %> + <% local node, url = luci.dispatcher.lookup(luci.http.formvalue("redir")); if url then %>
-
+
diff --git a/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm b/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm index 5da7281a8..20327adff 100644 --- a/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm +++ b/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm @@ -18,10 +18,12 @@

<%:There are no pending changes to revert!%>

<% end %> -
-
"> - -
-
+<% local node, url = luci.dispatcher.lookup(luci.http.formvalue("redir")); if url then %> +
+
+ +
+
+<% end %> <%+footer%> diff --git a/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm b/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm index 78b98e035..0441c9583 100644 --- a/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm +++ b/themes/luci-theme-bootstrap/luasrc/view/themes/bootstrap/header.htm @@ -147,7 +147,7 @@ if ucichanges > 0 then write('%s: %d' %{ url(category, 'uci/changes'), - http.urlencode(http.formvalue('redir') or REQUEST_URI), + http.urlencode(http.formvalue('redir') or table.concat(disp.context.request, "/")), translate('Unsaved Changes'), ucichanges }) diff --git a/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm b/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm index 342a9d408..818565528 100644 --- a/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm +++ b/themes/luci-theme-freifunk-generic/luasrc/view/themes/freifunk-generic/header.htm @@ -205,7 +205,7 @@ if tree.nodes[category] and tree.nodes[category].ucidata then -%> <% end %> diff --git a/themes/luci-theme-material/luasrc/view/themes/material/header.htm b/themes/luci-theme-material/luasrc/view/themes/material/header.htm index d84fd278a..be7b9ffb8 100644 --- a/themes/luci-theme-material/luasrc/view/themes/material/header.htm +++ b/themes/luci-theme-material/luasrc/view/themes/material/header.htm @@ -172,7 +172,7 @@ if ucichanges > 0 then write('%s: %d' %{ url(category, 'uci/changes'), - http.urlencode(http.formvalue('redir') or REQUEST_URI), + http.urlencode(http.formvalue('redir') or table.concat(disp.context.request, "/")), translate('Unsaved Changes'), ucichanges }) diff --git a/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm b/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm index ae348f385..d6db8e885 100644 --- a/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm +++ b/themes/luci-theme-openwrt/luasrc/view/themes/openwrt.org/header.htm @@ -104,7 +104,7 @@ if ucic > 0 then write('%s: %d' %{ url(category, 'uci/changes'), - http.urlencode(http.formvalue('redir') or REQUEST_URI), + http.urlencode(http.formvalue('redir') or table.concat(disp.context.request, "/")), translate('Unsaved Changes'), ucic })