kakwa
2df56d2de2
fix template over-escaping + python 3 support
...
The templates were html escaping the generated js code for the
autofill and the role management. This was breaking these features.
It's okay to not escape these as they are coming from a trusted source
(configuration file).
Also make the templates python3 compatible (not need to import Set in
python 3)
2019-02-06 21:38:11 +01:00
John Thiltges
c6cce54d5f
Escape form values with markupsafe
...
- Use markupsafe to format escaped HTML fragments
- Correct the formatting problems introduced with the XSS fixes
2019-01-03 13:12:53 -06:00
John Thiltges
6f98076281
Protect against XSS vulnerabilities in URL redirection
...
- Switch from base64 to URL encoding for the passing the URL, using the built-in Mako filtering
- Apply HTML filtering to Mako output by default
- Disable HTML filtering for nested templates in adduser, modify, and selfmodify
2019-01-02 14:31:10 -06:00
kakwa
2e2453f309
fix camelcase
2017-04-06 01:26:54 +02:00
kakwa
bbb13454bf
more warning removal
2017-04-06 01:21:57 +02:00
kakwa
3378822d2e
fix some warnings
2017-04-06 01:20:51 +02:00
kakwa
6e526b6f15
hack to have a cleaner resize
2017-04-06 00:32:24 +02:00
kakwa
de5f760c37
removing duplicate option in form select fields
2017-04-05 23:37:41 +02:00
kakwa
a33a46e8b8
add dynamic resizing to align input-group-addon
...
* add class to identify the 2 form columns
* add a js that calculate max width and resize all input-group-addon
spans
* load the js in the base template
2017-04-05 23:24:19 +02:00
Stan Rudenko
f7f72c7e11
adding textarea
2017-03-02 18:47:49 -08:00
kakwa
07a60823ad
Merge branch 'master' of https://github.com/kakwa/ldapcherry
2016-07-29 23:06:09 +02:00
kakwa
5ff62f0a8c
fix ppolicy client side javascript checker
...
Due to a missing encodeURIComponent, the post arguments of the
http query on /checkppolicy could be interpreted as several argument if
caracters like & or = were present.
This commit also adds error handling on http return codes in the
checker.
2016-07-29 23:00:16 +02:00
pcarpent
37925b196b
admin search if admin in navbar
...
Now LdapCherry Administrator are displayed the searchadmin page
(the one displaying the modify and remove buttons) when they use
the navbar search.
2016-07-29 11:12:30 +02:00
kakwa
408f75c449
add ldapcherry icon in navbar linked to /
2016-07-10 08:58:16 +02:00
kakwa
abf3d5dea9
focus on first field for all forms
...
previously, only the add form had focus on first field. Now every form
(add, modifify, selfmodify) have focus on first field.
2016-07-10 08:54:59 +02:00
kakwa
f3fabe502e
disable min search lenght for admin search
2016-07-10 08:10:19 +02:00
kakwa
0beac119f9
fix many error with html unescaped attributes
2016-07-08 21:46:00 +02:00
kakwa
685031ef15
bolding the user's attributes
2016-07-07 08:15:50 +02:00
kakwa
80fa310f37
change the display form of the user's attributes
2016-07-07 08:11:50 +02:00
kakwa
ebc5b69374
implement the display of users attributes on index page
2016-07-07 08:01:57 +02:00
kakwa
c64bb11504
add a default handler for 404 requests
2016-07-06 22:50:59 +02:00
kakwa
655ccabd79
force focus on the first input of forms
2016-07-06 21:22:48 +02:00
kakwa
baee15c40f
properly implementing minimum lenght limit in search
2016-07-06 20:47:33 +02:00
kakwa
3b6cf61b93
grotesque hacks to disable firefox autofilling of the forms
2016-07-06 20:37:24 +02:00
kakwa
9edc7e545a
increment version + changelog + copyright to 2016
2016-07-05 20:33:06 +02:00
kakwa
28479f7202
Merge branch 'master' of https://github.com/kakwa/ldapcherry
2016-07-05 20:28:04 +02:00
kakwa
9a5aa03de6
adding a little js for min lenght search
...
* impose a min lenght of 3 chars on searches, at least on the client
side...
2016-07-05 20:26:29 +02:00
kakwa
43e4231be8
using POST instead of default GET... oups... sorry
2016-07-05 20:02:58 +02:00
kakwa
e45c0e862e
reindent javascript
2016-07-05 19:57:35 +02:00
Yuusuke KOUNOIKE
268c8f935b
maxuid is not 'max'.
2016-06-19 01:48:50 +09:00
kakwa
921eef4b04
implementing default value in form
2016-06-16 22:11:48 +02:00
kakwa
55cd8529c3
adding special treatment if field is not required for ppolicy
2015-11-02 23:43:51 +01:00
kakwa
7a1fb0dc8c
modifying the templates to include custom ppolicy error message
2015-11-02 23:25:01 +01:00
kakwa
27e05ac7f2
adding piece of javascript to display custom ppolicy messages
2015-11-02 23:24:35 +01:00
kakwa
8833fe6df6
update validator.js
2015-11-02 23:12:12 +01:00
kakwa
2451b2efdd
adding notification after an action is performed
2015-10-28 23:11:23 +01:00
kakwa
61df2094c4
implementing custom js
2015-08-09 10:35:28 +02:00
kakwa
efcaad54fc
multiple modification/fix
...
* add display_name parameter for backend
* handle display_name in modify template (lonely groups) and error
message
* fix bug in modify when user is in only one backend
* remove redondant exception in ad/ldap backend
* fix unit test accordingly
* fix License in AD backend (GPLv3 -> MIT, previously tought of using
samba4 python library which is GPL, but this module finaly uses
python-ldap which is MIT compatible)
2015-07-31 20:08:21 +02:00
kakwa
1703dc9a33
adding global exception handler
2015-07-14 23:37:20 +02:00
kakwa
04c294e038
disable autofill for modify forms
2015-07-10 20:11:07 +02:00
kakwa
6dd81f5a91
implementing various autofill javascript functions
2015-07-08 01:55:31 +02:00
kakwa
d9e33364ca
implementing lcDisplayName
2015-07-08 00:59:23 +02:00
kakwa
3cbdfe62ec
using onchange instead on onkeyup
2015-07-08 00:57:03 +02:00
kakwa
5dc8011749
implement hooks to call autofill functions
2015-07-08 00:43:58 +02:00
kakwa
665195fef4
adding autofill js file in base templates
2015-07-08 00:43:26 +02:00
kakwa
2d06e14d63
adding skeleton of autofill functions
2015-07-08 00:42:53 +02:00
kakwa
af4e24218e
adding js to replace diacritic char in js
2015-07-06 10:18:51 +02:00
kakwa
1f0cc50d58
adding a redirected to the originaly requested page on login
...
user not authenticated and requesting an url are redirected to
the signin page with the requested page url as the query string (in
base64). It permits to redirect them to the requested page once they
've log in.
2015-07-06 07:58:27 +02:00
kakwa
56eeea61f7
fix html in error template
2015-07-05 23:07:24 +02:00
kakwa
405367fd75
various fixes in html + unit tests on html
2015-07-05 17:50:42 +02:00