1
0
mirror of https://github.com/pi-hole/pi-hole synced 2024-12-22 14:58:08 +00:00
Commit Graph

73 Commits

Author SHA1 Message Date
Craig Mayhew
95a28ae125 unset() now also occurs for $splashPage
After some email discussion with Adam, there is a preference to also prevent $splashPage from using variables

Signed-off-by: craigmayhew <craig@mayhew.io>
2020-10-28 18:32:46 +00:00
Craig Mayhew
e5c7549f8f Fixed potential security issue with $landPage receiving variables
Signed-off-by: craigmayhew <craig@mayhew.io>
2020-10-27 14:49:46 +00:00
Michael Paul Killian
5eabf4255b
Sign-off for DCO
Signed-off-by: Michael Paul Killian <spammyreset-github@gmail.com>
2020-09-06 13:53:03 +02:00
Michael Paul Killian
538827397c
Update index.php
See #3736
2020-09-06 11:51:33 +02:00
Nathan Friend
5a48478196
Update "About Pi-hole" link
Signed-off-by: Nathan Friend <nathan@gitlab.com>
2020-08-01 20:00:49 -05:00
XhmikosR
d90313fe4d Fix/tweak blocking page
* fix favicon
* add meta charset
* add html lang
* add a page title
* remove unneeded html end tags
* fix viewport tag to allow zooming
* compress the "blocked by Pi-hole" SVG
* remove trailing spaces
* switch to double colon pseudo elements (works from IE9 and newer)
* add missing vendor prefixes
* other minor tweaks
* add `Access-Control-Allow-Origin` header to all font types

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2020-05-31 15:54:11 +03:00
Matthias Schoettle
308eb5eda5 Fixes broken blocking page and landing page when changing server port and/or hostname.
See issues #2195 and #2720.

Signed-off-by: Matthias Schoettle <git@mattsch.com>
2020-04-10 12:29:01 -04:00
DL6ER
276b191845
Remove dead code causing failure from the blocking page.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-01-19 21:39:49 +01:00
Mcat12
3ebd43ebf0
Remove outdated adlists.list check and fix empty adlists error message
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2019-07-19 17:39:00 -07:00
Mcat12
2b5033e732
Add missing spaces found by linter
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2019-07-04 13:49:39 -07:00
Mcat12
f1733f9c5d
Fetch adlists for the block page from gravity.db
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2019-07-04 13:11:46 -07:00
Nils Bergmann
cd9fadbc44
Remove protocol determination
No protocol determination is neede, if you just use double slash.

Signed-off-by: Nils Bergmann <nilsbergmann@noim.io>
2019-02-16 15:32:56 +01:00
Patrik Cyvoct
85cf98888d
Merge remote-tracking branch 'origin/development' into ipv6_brackets
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
2018-08-22 09:31:54 +02:00
Patrik Cyvoct
048e5bb9a2
Remove external ipv6 brackets if any in servername
Signed-off-by: Patrik Cyvoct <patrik@ptrk.io>
2018-08-22 09:11:55 +02:00
Alex Villarreal
e422f4154f Clean error message on successful response
Signed-off-by: Alejandro Villarreal <alex@alexvy86.com>
2018-06-11 12:59:53 -05:00
Rob Gill
382c19024f
oh stickler bot...
accidentally a space

Signed-off-by: Rob Gill <rrobgill@protonmail.com>
2018-05-12 10:53:44 +10:00
Rob Gill
9379487942
changes as requested
changes as requested 

Signed-off-by: Rob Gill <rrobgill@protonmail.com>
2018-05-12 10:49:01 +10:00
Rob Gill
5e99baf7b9
Update index.php
thanks stickler-ci  .......

Signed-off-by: Rob Gill <rrobgill@protonmail.com>
2018-05-11 14:52:30 +10:00
Rob Gill
31951dae4c
Update index.php
Avoiding calling empty() on a function allows this to work under PHP5. Making the check for blocklist generation in this way instead is compatible with both PHP5 and PHP7.

Signed-off-by: Rob Gill <rrobgill@protonmail.com>
2018-05-11 14:31:42 +10:00
Dan Schaper
34d84522dd
Merge pull request #2054 from theLMGN/patch-1
Link to the admin panel on the splash page.
2018-03-28 20:08:39 -07:00
Leo MG Nesfield (LMGN)
bfcbd72e4b
Link to the admin panel on the splash page. 2018-03-23 16:17:31 +00:00
Mcat12
8a42ef431b
Fix Javascript warning when no password is set
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-02-11 21:49:12 -05:00
Mcat12
2cf1f0e8fc
Hide the password input when there is no password
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-02-11 14:07:02 -05:00
Mcat12
1a5c86d32e
Revert "Hide password textbox if there is no password"
This reverts commit 009fa2f1b7.
2018-01-23 20:28:43 -05:00
Mcat12
c7219fbdff
Merge remote-tracking branch 'origin/development' into tweak/block-page-no-password 2018-01-21 09:09:36 -05:00
Keith Bentrup
45ab2a3d7a send HTTP headers before HTML
Signed-off-by: Keith Bentrup <keith@keithbentrup.com>
2017-12-09 17:03:20 -05:00
Mcat12
009fa2f1b7
Hide password textbox if there is no password 2017-11-01 21:30:14 -04:00
WaLLy3K
2c091f3a3c Merge branch 'development' into cors_mixed_content_fix 2017-10-08 12:22:14 +11:00
Mcat12
e7589945a2 Disable password field if no password is set
For someone to actually whitelist a domain without a password, more changes will
be needed on the PHP side.
2017-10-07 16:41:30 -04:00
WaLLy3K
97dd1b4cf3 Improve FQDN Authorized Hosts functionality
* Use inverse if statement, instead of IF/ELSE when checking setupVars.conf
* Remove $svFQDN
* Add or elaborate on more comments
* Add $serverName to $authorizedHosts if admin has specified `setenv.add-environment = ("fqdn" => "true")` within lighttpd's external.conf
    * e.g: `$HTTP["host"] == "pihole.domain.com" { setenv.add-environment = ("fqdn" => "true") }`
* Move "No exact results" check to top of exception handling
* Remove unnecessary IF/ELSE when handling $queryAds error

Signed off by WaLLy3K <wally3k@pi-hole.net>
2017-10-04 00:46:51 +11:00
andofrjando
6323d5afed
Use PHP short echo tag to avoid Codacy expecting an escaping function 2017-09-22 07:15:03 +08:00
andofrjando
5e48b3f7f7
Fix one mistake where $proto would not be created if $_SERVER['HTTPS'] exists but is not set to on 2017-09-16 11:24:38 +08:00
andofrjando
00d62b3423
This fixes the following bug:
If Pi-Hole is behind a reverse proxy that uses SSL, then the block page will not load resources such as `blockingpage.css` and `jquery.min.js` as the insecure `http://` is hard coded. Browsers will block attempts to load insecure resources if the page is loaded of SSL.
The fix is acheived by checking `$_SERVER['HTTPS']` and setting the variable `$proto` to either `http` or `https`. The harcoded `http` is replaced by the contents of this variable.
2017-09-16 10:24:37 +08:00
WaLLy3K
49aee8b931 Fixed development branch check 2017-07-19 12:26:00 +10:00
WaLLy3K
f2a3b557c8 Updated Block Page to work with queryFunc output 2017-07-19 00:15:59 +10:00
WaLLy3K
69fa9874dd Use HTTP_HOST instead of SERVER_NAME
* Fixes https://github.com/pi-hole/pi-hole/issues/1479
2017-05-18 18:54:26 +10:00
WaLLy3K
f9d41caeb6 Merge branch 'development' into blockpage2 2017-05-13 23:29:44 +10:00
0412465564
31d5a7ae9e whitelist on website blocked doesnt work (#1452)
Since Pi-hole redirects ad domains to itself, accessing the script via de.ign.com is the same as pi.hole in this case. The fix should be as simple as adding a / before admin on this line.
2017-05-12 22:29:07 +02:00
WaLLy3K
1c2aa44d46 Provide notice message for whitelisted sites 2017-05-11 20:10:40 +10:00
WaLLy3K
173ad339bb Update CSS location 2017-05-08 19:33:45 +10:00
WaLLy3K
4d731ca30b Updated landing page location
During development, I had the location of `/pihole/index.php` as just `/index.php`. Just correcting some changes!
2017-05-03 15:33:50 +10:00
WaLLy3K
f2016f26d7 Updated splash page CSS href 2017-05-03 15:29:43 +10:00
WaLLy3K
551add5f44 Update index.php
* An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole
* An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you
* Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html"
* Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image
* Sites that are manually blacklisted will display a notice of this on the block page
* Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is)
* On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled
* Whitelisting is disabled for installs without a password, or if a client does not have Javascript

* Known issues:
  * Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL"
  * Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN"
  * I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain
2017-05-02 17:06:31 +10:00
Dan Schaper
bfc4775b34 Merge pull request #1297 from raincoats/development
Redirect to admin panel when accessing 'http://pi.hole/'
2017-04-26 12:35:19 -07:00
DL6ER
f1f70133dc
Populate $ipv4 and $ipv6 + fix small error that prevented blocking page from coming up at all. Fixes #1396 2017-04-20 13:53:27 +02:00
Flo
7e0aa822b6 Match the Pi-hole brand (#1358)
* Update README.md

* Update index.php

* Update basic-install.sh

* Update piholeCheckout.sh

* Update update.sh

* Update CONTRIBUTING.md

* Update the Pi-hole brand tip in CONTRIBUTING.md

Use a better formulation.

* Update README.md 2
2017-04-03 17:29:57 +02:00
DL6ER
ad9575ce18
Recognize more host names 2017-04-03 16:28:18 +02:00
DL6ER
f09c166350
Improve Error 404 page behavior 2017-03-28 14:02:00 +02:00
Flo
6eb9192cd1 Complete site
The start <html>-tag was missing.
2017-03-25 16:11:37 +01:00
raincoats
1590a179fa Change 302 redirect to 301
Change "302 Found" response to "301 Moved Permanently", as "302 Found" is meant for temporary redirects.

Was asked to do so in this comment: https://github.com/pi-hole/pi-hole/pull/1297#issuecomment-284335421
2017-03-09 17:38:56 +11:00