Commit Graph

2216 Commits

Author SHA1 Message Date
Matt N 4e48939660 Add a validateForm event listener and enforce CSP on some views (#2425)
* Add a validateForm event listener and enforce CSP on the controlcap view

* filter.php: Use .validateFormOnSubmit

* server.php: Use .validateFormOnSubmit and fix makePopupButton condition check

* Use .validateFormOnSubmit and enforce CSP on the storage view
2019-01-19 09:41:53 -05:00
Matt N 43a1725060 Fix duplicate 'class' attribute in options (#2418) 2019-01-18 10:05:44 -05:00
Matt N eef113b6a7 Convert some characters to HTML entities (#2417) 2019-01-18 10:02:48 -05:00
Matt N deaf651aad Fix eslint violations (#2416)
* Add more JS libraries to eslintignore

* eslint . --fix

Automatic fixes only

* frame.js: eslint fixes

* events.js: manual eslint fixes

* skin.js: manual eslint fixes

* watch.js: manual eslint fixes

* Remove some tabs used for indentation in JS

* state.js: Fix new-cap eslint violation

* Disable guard-for-in eslint rule to get everything passing
2019-01-18 10:00:55 -05:00
Matt N 6bb5aa1b87 More inline JS / nonce conversions (#2415)
* monitor.php: Add nonce and move <script> inside </body>

* export_functions.php: Untested: Add @nonce to <script>

* blank.php: Add @nonce to <script> and add to CSP enforced views

* Enforce CSP on login and privacy views

* group.php: Add nonce and move <script> inside </body>

* filter.php: Add @nonce to <script>

* Fix updateButtons argument on the filter page upon change and page load

* events.php: Add @nonce to <script>
2019-01-18 09:51:06 -05:00
Isaac Connor 599769b701 rework logic of functions to be more verbose about errors. Implement javascript Nonce support when view=none 2019-01-17 08:50:33 -05:00
Isaac Connor a7db6f08f5 single vs double quotes 2019-01-16 13:47:50 -05:00
Isaac Connor 42076ad09b Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-16 13:46:01 -05:00
Isaac Connor a2c23d3263 Need nonce in inline script setting display css 2019-01-16 13:45:26 -05:00
Isaac Connor e156a6cda0 logout view should go to logout view 2019-01-16 12:23:18 -05:00
Matt N d33fec9c3f Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413)
* Add Content-Security-Policy-Report-Only: script-src 'self' 'nonce-' policy

* Use @data-on-click-this to attach inline click event handlers which expect being called with 'this'

Only handle ones that don't return a value.

* Use @data-on-click to attach inline click event handlers with no args and no return value

* Use @data-on-click-true to attach inline click event handlers with 'true' as the only argument

* Enforce a script-src CSP on views without inline JS

* Convert some onchange attributes to data-on-change
2019-01-16 09:59:58 -05:00
Isaac Connor fd696bc066 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-15 11:38:56 -05:00
Isaac Connor ac27005944 remove debug 2019-01-15 11:38:43 -05:00
Isaac Connor 07c7c271a6 prevent error when event has no frames. Fix PathToIndex() -> PathToIndex. Fixes #2411 2019-01-15 11:38:19 -05:00
Matt N 083f284599 Replace onclick inline event handlers for createPopup (#2410)
* Move <script> before </body>

* Change makePopupLink to not use onclick

* Change makePopupButton to not use onclick

* Use .popup-link in control_functions.php

* Use makePopupButton in controlcaps.php

* Prevent double-encoding in makePopup*

* Use makePopupButton in devices.php

* Use makePopupButton in logout.php

* Use makePopupLink in monitor.php

* Use makePopupLink and .popup-link in montage.php

* Use makePopupButton in options.php

* Use makePopupButton, makePopupLink, and .popup-link in zones.php
2019-01-15 09:01:58 -05:00
Isaac Connor a282b487d1 load Help from Config as it is not longer always loaded into ram. 2019-01-11 13:55:03 -05:00
Isaac Connor b373577589 fix function view after actions cleanup 2019-01-10 12:08:25 -05:00
Isaac Connor 1d54216e80 spacing 2019-01-09 16:23:58 -05:00
Isaac Connor c1e4fbac6a extend input path and options to the full width of the popup 2019-01-09 12:37:42 -05:00
Isaac Connor 2d03583b78 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-08 13:12:42 -05:00
Isaac Connor ffa37d8c10 Fix margins on replayControl 2019-01-08 13:12:35 -05:00
Isaac Connor 3f5a2a2aa6 disable delete button when event is archived. 2019-01-07 15:56:23 -05:00
David Beitey e6ba8e58ef Fix #2391 by defining monitor variable (#2392) 2019-01-05 10:20:34 -05:00
Isaac Connor 5b5905c83a We always use markEids[] now 2019-01-04 16:29:16 -05:00
Isaac Connor de0ef6ce43 Merge branch 'master' into split_actions 2019-01-04 15:55:54 -05:00
Isaac Connor e72e4e7ce4 Spacing, remove some html4 stuff, clean up duplicated hidden form elements. 2019-01-04 15:52:36 -05:00
Isaac Connor 5b9bf48945 Merge branch 'master' into split_actions 2019-01-04 09:35:54 -05:00
Isaac Connor dbe9817bc8 Split actions.php into individual files per view 2019-01-04 09:26:34 -05:00
Andrew Bauer 225fca08e3
Merge pull request #2379 from connortechnology/improve_config_efficiency
Improve config efficiency
2019-01-02 19:34:34 -06:00
Isaac Connor 874930d8fc Merge branch 'master' into improve_config_efficiency 2019-01-02 13:07:53 -05:00
Isaac Connor 99471836b7 Use monitor's serverId when loading server object so that images load from recording server. 2019-01-02 11:28:12 -05:00
Isaac Connor 8a1707a615 Add monitorServerId array to provide server info for each monitor so that we can load images from the recording server. 2019-01-02 11:27:46 -05:00
Isaac Connor 79113a6869 Add a default Server object to handle non-multi-server case 2019-01-02 10:56:40 -05:00
Isaac Connor 101f24feb5
Update area when editing x and y coords (#2366) 2018-12-27 14:28:14 -05:00
Andrew Bauer 27dd8166ea
Merge pull request #2362 from connortechnology/small_groups_fixes
Small groups fixes
2018-12-24 11:30:57 -06:00
Isaac Connor e0a9c4a21e fix event popup detection 2018-12-24 11:23:58 -05:00
Isaac Connor 68adc289fe Fix colspan count now that depth is zero-based 2018-12-24 09:40:23 -05:00
Isaac Connor 0cce0a642b Update chosen library to 1.8.7 2018-12-24 09:37:49 -05:00
Isaac Connor 1130d6650a Fix spacing and pass popup to previous/next event so that popups stay as popups 2018-12-21 10:50:19 -05:00
Andrew Bauer 21a98f3653 Merge branch 'remove_default_view' of https://github.com/connortechnology/ZoneMinder into connortechnology-remove_default_view 2018-12-11 09:44:13 -06:00
Isaac Connor 278abbc201 Merge branch 'master' into remove_default_view 2018-12-11 10:37:26 -05:00
Andrew Bauer 3cf6bf1786
Merge pull request #2243 from connortechnology/add_archive_filter_to_montagereview
Rough in an archived status filter in montagereview.
2018-12-11 09:36:35 -06:00
Andrew Bauer fe5cb4bfdc
Merge pull request #2283 from connortechnology/warn_colour_when_disabled
Use a warning colour when motion detection is disabled.
2018-12-11 09:36:07 -06:00
Andrew Bauer 4d7e98475f
Merge pull request #2297 from connortechnology/introduce_getBodyTopHTML
Introduce get body top html
2018-12-11 09:35:54 -06:00
Andrew Bauer c530337c50
Merge pull request #2331 from connortechnology/fix_ios9
Fix ios9
2018-12-11 09:29:50 -06:00
Isaac Connor 1e8c4276bb fix #2319 some more. This is fixing rate sticking across gapless events and reload 2018-12-10 17:32:17 -05:00
Isaac Connor 9ffd77428a fix paths to jquery-ui-theme components, thereby upgrading them to the proper version. This fixes the datetime filters not being shown on skins that don't specify a custom theme for jquery-ui 2018-12-05 09:05:10 -05:00
Isaac Connor 18ce7c9ea0 Old browsers, specifically Safari on IOS9 doesn't support let. Need to use var instead. 2018-12-03 15:17:16 -05:00
Isaac Connor 17551eacee Merge branch 'server_path_prefix' 2018-11-29 14:27:32 -05:00
Isaac Connor 1c17f334d3 fix missing bits. Implement UrlToIndex in Monitor and fix use of Url(). Implement PathToApi as well 2018-11-29 14:26:30 -05:00