ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
zoneminder/web/skins/classic/views
History
Matthew Noorenberghe 02f09aad7f view=export: Remove inline event handlers and fix arbitrary URL/XSS usage. Fixes #2443 2019-02-09 02:01:26 -08:00
..
js view=export: Remove inline event handlers and fix arbitrary URL/XSS usage. Fixes #2443 2019-02-09 02:01:26 -08:00
_monitor_filters.php Replace remaining `console` inline event handlers (#2432) 2019-01-21 11:11:40 -05:00
_monitor_source_nvsocket.php fix nvsocket 2017-11-13 14:25:19 -08:00
add_monitors.php make find and find_one functions consistent across Objects 2018-09-07 16:31:11 -04:00
bandwidth.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
blank.php More inline JS / nonce conversions (#2415) 2019-01-18 09:51:06 -05:00
console.php Replace remaining `console` inline event handlers (#2432) 2019-01-21 11:11:40 -05:00
control.php skins/classic/views/control.php second order sqli (#2422) 2019-01-19 09:46:21 -05:00
controlcap.php controlcap.php: Reflected xss fix with validHtmlStr (#2423) 2019-01-19 09:43:28 -05:00
controlcaps.php Fix name/protocol XSS in controlcaps.php. Fixes #2445 (#2479) 2019-01-25 08:35:07 -05:00
controlpreset.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
cycle.php Fix #2391 by defining monitor variable (#2392) 2019-01-05 10:20:34 -05:00
device.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
devices.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
donate.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
download.php view=download: Validate the eid parameter to avoid XSS. Fixes #2442 2019-02-09 01:37:32 -08:00
error.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
event.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
eventdetail.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
events.php fix buttons on events page. data-onclick-this to data-on-click-this 2019-02-07 08:56:48 -05:00
export.php view=export: Remove inline event handlers and fix arbitrary URL/XSS usage. Fixes #2443 2019-02-09 02:01:26 -08:00
filter.php fix CSP policy violations on filters view 2019-02-06 13:55:19 -05:00
frame.php Use buttons instead of anchor tags for Prev/Next/FIrst/Last buttons 2018-11-14 15:54:34 -05:00
frames.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
function.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
group.php More inline JS / nonce conversions (#2415) 2019-01-18 09:51:06 -05:00
groups.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
image-ffmpeg.php Merge branch 'master' into storageareas 2017-07-21 11:04:32 -04:00
log.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
login.php When logging in, stay on the login view 2019-01-21 11:17:09 -05:00
logout.php logout view should go to logout view 2019-01-16 12:23:18 -05:00
monitor.php fix validateForm running on monitor cancel due to lack of type=button on cancel button 2019-02-08 09:55:32 -05:00
monitorpreset.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
monitorprobe.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
monitors.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
montage.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
montagereview.php Fix CSP violation in the onclick of the monitor view in montagereview 2019-02-06 12:17:10 -05:00
none.php Filter improvements (#2438) 2019-01-23 11:30:51 -05:00
onvifprobe.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
optionhelp.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
options.php Fix duplicate 'class' attribute in options (#2418) 2019-01-18 10:05:44 -05:00
plugin.php plugin.php: Remove undefined onclick function reference and enforce CSP 2019-01-23 19:47:58 -08:00
postlogin.php turn into a url instead of boolean. Use it to refresh the options page on change so that changes are instantly noticable 2018-01-28 15:13:57 -05:00
privacy.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
report_event_audit.php add fileSize to the api, and use it to add remote fileSize reporting in includes/Event 2018-05-08 13:33:56 -07:00
server.php Add a validateForm event listener and enforce CSP on some views (#2425) 2019-01-19 09:41:53 -05:00
settings.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
state.php fix state actions 2019-02-05 12:35:06 -05:00
stats.php update gpl 2 mailing address in source files 2016-12-26 09:23:16 -06:00
status.php fix state changing/etc 2019-01-30 14:36:46 -05:00
storage.php Add a validateForm event listener and enforce CSP on some views (#2425) 2019-01-19 09:41:53 -05:00
timeline.php specify E.* in query because otherwise it uses M.Id for Id 2018-04-20 14:25:38 -04:00
user.php Filter improvements (#2438) 2019-01-23 11:30:51 -05:00
version.php update buttons. reduce duplicated code. Make it so that users with System=View can at least see if there is an update. 2019-01-31 09:40:19 -05:00
video.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
watch.php spacing, remove non html5 elements 2019-01-25 09:22:08 -05:00
zone.php Add a CSP script-src policy with nonce-source and convert more inline event handlers (#2413) 2019-01-16 09:59:58 -05:00
zones.php Fix zones.php self-xss. Fixes #2444 2019-01-24 23:40:41 -08:00