librenms

clones/librenms

Fork 0

mirror of https://github.com/librenms/librenms.git synced 2024-09-21 18:38:25 +00:00

Commit Graph

Author	SHA1	Message	Date
Tony Murray	e99f421511	Remove legacy auth usage of $_SESSION (#10491 ) * Remove auth use of $_SESSION Will break plugins that depend on $_SESSION, Weathermap was already fixed. Port them to use Auth::check()/Auth::user()/Auth:id() * revert accidental replacement	2019-08-05 14:16:05 -05:00
Tony Murray	3ead462549	Enable CSRF protection (#10447 ) * Enable CSRF protection * fix style issues	2019-07-17 07:20:26 -05:00
Tony Murray	36431dd296	Security fix: unauthorized access (#10091 ) * Security fix: unauthorized access Affects nginx users: Moved php files outside of public html directory (Apache was protected by .htaccess) Affects all users: Some files did not check for authentication and could disclose some info. Better checks before including files from user input * git mv html/includes/ includes/html git mv html/pages/ includes/html/	2019-04-11 23:26:42 -05:00

Author

SHA1

Message

Date

Tony Murray

e99f421511

Remove legacy auth usage of $_SESSION (#10491 )

* Remove auth use of $_SESSION

Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()

* revert accidental replacement

2019-08-05 14:16:05 -05:00

Tony Murray

3ead462549

Enable CSRF protection (#10447 )

* Enable CSRF protection

* fix style issues

2019-07-17 07:20:26 -05:00

Tony Murray

36431dd296

Security fix: unauthorized access (#10091 )

* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/

2019-04-11 23:26:42 -05:00

3 Commits