Commit Graph

17 Commits

Author SHA1 Message Date
Matt N d33fec9c3f Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413)
* Add Content-Security-Policy-Report-Only: script-src 'self' 'nonce-' policy

* Use @data-on-click-this to attach inline click event handlers which expect being called with 'this'

Only handle ones that don't return a value.

* Use @data-on-click to attach inline click event handlers with no args and no return value

* Use @data-on-click-true to attach inline click event handlers with 'true' as the only argument

* Enforce a script-src CSP on views without inline JS

* Convert some onchange attributes to data-on-change
2019-01-16 09:59:58 -05:00
Isaac Connor 1c17f334d3 fix missing bits. Implement UrlToIndex in Monitor and fix use of Url(). Implement PathToApi as well 2018-11-29 14:26:30 -05:00
Isaac Connor a89dd83565 Update to use object instead of db row 2018-11-28 09:55:34 -05:00
Isaac Connor f8b2ff5c77 rework from Url() to PathToIndex(), PathToZMS(), UrlToIndex() and UrlToZMS() 2018-11-27 17:35:25 -05:00
Isaac Connor c5f7fb7b18 Merge branch 'master' into server_path_prefix 2018-11-22 10:04:33 -05:00
Isaac Connor b1fe80a0bd Add JSON/MaybeXS to dependencies, replacing JSON/Any 2018-08-30 18:30:33 -04:00
Isaac Connor d051342e9f Add PathPrefix 2018-07-09 12:10:29 -04:00
Isaac Connor 06673019f9 add default values for zmstats, zmaudit, zmtrigger in new Server 2018-01-29 10:41:43 -08:00
Isaac Connor 1fbb5bc0f8 Fix zmaudit.pl => zmaudit, etc. 2018-01-17 14:22:04 -05:00
Isaac Connor 156bdbd089 Add zmstats, zmaudit, zmtrigger flags to Server object listing/editing 2018-01-10 12:59:27 -05:00
Isaac Connor 5c0d8384d9 code style and quotes 2017-10-16 08:31:35 -07:00
Andy Bauer 254fcbcef7 update gpl 2 mailing address in source files 2016-12-26 09:23:16 -06:00
Isaac Connor 99dfaa97fa User Name instead of ServerName and Hostname instead of ServerHostname 2016-01-08 10:15:21 -05:00
Isaac Connor fc85ccbf5f Set value for Hostname to avoid php warning. fix save button. Can't use it to pass action value because it gets translated. 2015-11-11 16:43:23 -05:00
Isaac Connor c415399043 add Hostname to Server 2015-09-17 15:35:27 -04:00
Isaac Connor b3240bbc8f set name=action on submit tag, and remove stuff that we don't want right now 2015-08-16 12:21:52 -04:00
Isaac Connor 9117e2949a add server.php. 2015-08-16 10:52:47 -04:00