* [git.ipfire.org] IPFire 2.x development tree branch, next, updated. eebf365a5145e16a85b5a49337ab496fed3fbe78
@ 2026-05-27 15:32 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2026-05-27 15:32 UTC (permalink / raw)
To: ipfire-scm
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via eebf365a5145e16a85b5a49337ab496fed3fbe78 (commit)
via 5cc28b941e85637adba68bea9bc2caa866678241 (commit)
via a6c585b677e3c4b5bdcf0ea8c3886c9cb20ae623 (commit)
from e5a6fe6a944fdc68999a978ce983bee942722730 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit eebf365a5145e16a85b5a49337ab496fed3fbe78
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed May 27 16:32:25 2026 +0100
core203: Ship the entire web UI again
Since we have now been adding so many files, it is easier to ship the
whole thing again.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 5cc28b941e85637adba68bea9bc2caa866678241
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed May 27 16:30:44 2026 +0100
header.pl: Drop cleanhtml()
This function was pretty much doing what escape() is doing, but had some
weird functions that were unclear and not used anyways.
Using escape() only makes the code slightly shorter and cleaner.
Suggested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit a6c585b677e3c4b5bdcf0ea8c3886c9cb20ae623
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed May 27 16:17:33 2026 +0100
header.pl: Decode/encode UTF-8 strings before escaping
HTML::Entities::encode_entities() does not seem to be able to work with
UTF-8 which therefore needs to be decoded before and encoded back
afterwards.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/cfgroot/header.pl | 27 +++++++++++-----------
config/rootfiles/core/203/filelists/files | 7 ------
.../112 => core/203}/filelists/web-user-interface | 0
html/cgi-bin/aliases.cgi | 2 +-
html/cgi-bin/connscheduler.cgi | 2 +-
html/cgi-bin/dhcp.cgi | 8 +++----
html/cgi-bin/dns.cgi | 2 +-
html/cgi-bin/dnsforward.cgi | 2 +-
html/cgi-bin/ipinfo.cgi | 2 +-
html/cgi-bin/logs.cgi/ids.dat | 4 ++--
html/cgi-bin/logs.cgi/log.dat | 2 +-
html/cgi-bin/logs.cgi/proxylog.dat | 4 ++--
html/cgi-bin/logs.cgi/summary.dat | 2 +-
html/cgi-bin/media.cgi | 2 +-
html/cgi-bin/netother.cgi | 6 ++---
html/cgi-bin/ovpnmain.cgi | 14 +++++------
html/cgi-bin/qos.cgi | 2 +-
html/cgi-bin/remote.cgi | 4 ++--
html/cgi-bin/routing.cgi | 2 +-
html/cgi-bin/samba.cgi | 4 ++--
html/cgi-bin/time.cgi | 2 +-
html/cgi-bin/vpnmain.cgi | 18 +++++++--------
html/cgi-bin/wakeonlan.cgi | 2 +-
html/cgi-bin/wio.cgi | 2 +-
html/cgi-bin/wireless.cgi | 4 ++--
25 files changed, 59 insertions(+), 67 deletions(-)
copy config/rootfiles/{oldcore/112 => core/203}/filelists/web-user-interface (100%)
Difference in files:
diff --git a/config/cfgroot/header.pl b/config/cfgroot/header.pl
index a1a39bb4e..05f67fc0d 100644
--- a/config/cfgroot/header.pl
+++ b/config/cfgroot/header.pl
@@ -627,7 +627,18 @@ sub getcgihash {
sub escape($) {
my $s = shift;
- return HTML::Entities::encode_entities($s);
+
+ # Decode from UTF-8 as HTML::Entitites::encode_entities
+ # does not support it.
+ $s = &Encode::decode("UTF-8", $s);
+
+ # Escape any HTML entities
+ $s = &HTML::Entities::encode_entities($s);
+
+ # Encode back to UTF-8
+ $s = &Encode::encode("UTF-8", $s);
+
+ return $s;
}
sub normalize($) {
@@ -642,18 +653,6 @@ sub normalize($) {
return $s;
}
-sub cleanhtml {
- my $outstring =$_[0];
- $outstring =~ tr/,/ / if not defined $_[1] or $_[1] ne 'y';
- # decode the UTF-8 text so that characters with diacritical marks such as
- # umlauts are treated correctly by the escape command
- $outstring = &Encode::decode("UTF-8",$outstring);
- $outstring = escape($outstring);
- # encode the text back to UTF-8 after running the escape command
- $outstring = &Encode::encode("UTF-8",$outstring);
- return $outstring;
-}
-
sub connectionstatus
{
my $iface='';
@@ -766,7 +765,7 @@ END
my $col = "";
my $divider_printed = 0;
foreach my $key (sort leasesort keys %entries) {
- my $hostname = &cleanhtml($entries{$key}->{HOSTNAME},"y");
+ my $hostname = &escape($entries{$key}->{HOSTNAME});
my $hostname_print = $hostname;
if($hostname_print eq "") { #print blank space if no hostname is found
$hostname_print = " ";
diff --git a/config/rootfiles/core/203/filelists/files b/config/rootfiles/core/203/filelists/files
index 87d9e6533..ac40b5083 100644
--- a/config/rootfiles/core/203/filelists/files
+++ b/config/rootfiles/core/203/filelists/files
@@ -13,13 +13,6 @@ etc/rc.d/rc0.d/K86knot-resolver
etc/rc.d/rc3.d/S11knot-resolver
etc/rc.d/rc3.d/S17waitfordns
etc/rc.d/rc6.d/K86knot-resolver
-srv/web/ipfire/cgi-bin/dhcp.cgi
-srv/web/ipfire/cgi-bin/dns.cgi
-srv/web/ipfire/cgi-bin/dnsbl.cgi
-srv/web/ipfire/cgi-bin/dnsforward.cgi
-srv/web/ipfire/cgi-bin/hosts.cgi
-srv/web/ipfire/cgi-bin/services.cgi
-srv/web/ipfire/cgi-bin/time.cgi
usr/local/bin/settime
usr/local/bin/update-rpzs
var/ipfire/backup/bin/backup.pl
diff --git a/config/rootfiles/core/203/filelists/web-user-interface b/config/rootfiles/core/203/filelists/web-user-interface
new file mode 120000
index 000000000..70c74b438
--- /dev/null
+++ b/config/rootfiles/core/203/filelists/web-user-interface
@@ -0,0 +1 @@
+../../../common/web-user-interface
\ No newline at end of file
diff --git a/html/cgi-bin/aliases.cgi b/html/cgi-bin/aliases.cgi
index aa1ea4cb6..80faea0ae 100644
--- a/html/cgi-bin/aliases.cgi
+++ b/html/cgi-bin/aliases.cgi
@@ -158,7 +158,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'toggle enable disable'}) {
if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
# Validate inputs
if (! &General::validip($settings{'IP'})) {$errormessage = "invalid ip"};
- $settings{'NAME'} = &Header::cleanhtml($settings{'NAME'});
+ $settings{'NAME'} = &Header::escape($settings{'NAME'});
# Make sure we haven't duplicated an alias or RED
my $spacer='';
diff --git a/html/cgi-bin/connscheduler.cgi b/html/cgi-bin/connscheduler.cgi
index cc78cbc1b..2f4332691 100644
--- a/html/cgi-bin/connscheduler.cgi
+++ b/html/cgi-bin/connscheduler.cgi
@@ -186,7 +186,7 @@ if ( ($cgiparams{'ACTION'} eq 'add') || ($cgiparams{'ACTION'} eq 'update') )
$CONNSCHED::config[$i]{'DAYSTYPE'} = lc($cgiparams{'ACTION_DAYSTYPE'});
$CONNSCHED::config[$i]{'DAYS'} = $l_days;
$CONNSCHED::config[$i]{'WEEKDAYS'} = $l_weekdays;
- $CONNSCHED::config[$i]{'COMMENT'} = &Header::cleanhtml($cgiparams{'ACTION_COMMENT'});
+ $CONNSCHED::config[$i]{'COMMENT'} = &Header::escape($cgiparams{'ACTION_COMMENT'});
&CONNSCHED::WriteConfig;
}
diff --git a/html/cgi-bin/dhcp.cgi b/html/cgi-bin/dhcp.cgi
index 37c1bf715..4b84ada42 100644
--- a/html/cgi-bin/dhcp.cgi
+++ b/html/cgi-bin/dhcp.cgi
@@ -455,10 +455,10 @@ if ($dhcpsettings{'ACTION'} eq $Lang::tr{'add'}.'2') {
}
unless ($errormessage) {
- $dhcpsettings{'FIX_REMARK'} = &Header::cleanhtml($dhcpsettings{'FIX_REMARK'});
- $dhcpsettings{'FIX_NEXTADDR'} = &Header::cleanhtml($dhcpsettings{'FIX_NEXTADDR'});
- $dhcpsettings{'FIX_FILENAME'} = &Header::cleanhtml($dhcpsettings{'FIX_FILENAME'});
- $dhcpsettings{'FIX_ROOTPATH'} = &Header::cleanhtml($dhcpsettings{'FIX_ROOTPATH'});
+ $dhcpsettings{'FIX_REMARK'} = &Header::escape($dhcpsettings{'FIX_REMARK'});
+ $dhcpsettings{'FIX_NEXTADDR'} = &Header::escape($dhcpsettings{'FIX_NEXTADDR'});
+ $dhcpsettings{'FIX_FILENAME'} = &Header::escape($dhcpsettings{'FIX_FILENAME'});
+ $dhcpsettings{'FIX_ROOTPATH'} = &Header::escape($dhcpsettings{'FIX_ROOTPATH'});
if ($dhcpsettings{'KEY2'} eq '') { #add or edit ?
unshift (@current2, "$dhcpsettings{'FIX_MAC'},$dhcpsettings{'FIX_ADDR'},$dhcpsettings{'FIX_ENABLED'},$dhcpsettings{'FIX_NEXTADDR'},$dhcpsettings{'FIX_FILENAME'},$dhcpsettings{'FIX_ROOTPATH'},$dhcpsettings{'FIX_REMARK'}\n");
open(FILE, ">$filename2") or die 'Unable to open fixed lease file.';
diff --git a/html/cgi-bin/dns.cgi b/html/cgi-bin/dns.cgi
index ca47e89cc..c02f0a4b7 100644
--- a/html/cgi-bin/dns.cgi
+++ b/html/cgi-bin/dns.cgi
@@ -147,7 +147,7 @@ if (($cgiparams{'SERVERS'} eq $Lang::tr{'save'}) || ($cgiparams{'SERVERS'} eq $L
# Go further if there was no error.
if ( ! $errormessage) {
# Check if a remark has been entered.
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
+ $cgiparams{'REMARK'} = &Header::escape($cgiparams{'REMARK'});
my %dns_servers = ();
my $id;
diff --git a/html/cgi-bin/dnsforward.cgi b/html/cgi-bin/dnsforward.cgi
index 91acb1c0b..3b066902b 100644
--- a/html/cgi-bin/dnsforward.cgi
+++ b/html/cgi-bin/dnsforward.cgi
@@ -88,7 +88,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'})
$cgiparams{'FORWARD_SERVERS'} = join("|", @forward_servers);
# Check if a remark has been entered.
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
+ $cgiparams{'REMARK'} = &Header::escape($cgiparams{'REMARK'});
# Set to off if not enabled
if (!$cgiparams{'DISABLE_DNSSEC'}) {
diff --git a/html/cgi-bin/ipinfo.cgi b/html/cgi-bin/ipinfo.cgi
index fd490b08e..3e0be4f46 100644
--- a/html/cgi-bin/ipinfo.cgi
+++ b/html/cgi-bin/ipinfo.cgi
@@ -191,7 +191,7 @@ END
print "<pre>\n";
foreach my $line (@lines) {
- print &Header::cleanhtml($line,"y");
+ print &Header::escape($line);
}
print "</pre>\n";
&Header::closebox();
diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat
index ef224e3e6..3d5f93fa1 100644
--- a/html/cgi-bin/logs.cgi/ids.dat
+++ b/html/cgi-bin/logs.cgi/ids.dat
@@ -467,10 +467,10 @@ sub processevent
($title,$classification,$priority,$date,$time,$srcip,$srcport,$destip,$destport,$sid) = ("n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a","n/a", "n/a");
@refs = ();
$_ =~ m/:([0-9]{1,10})\] (.*) \[\*\*\]/;
- $title = &Header::cleanhtml($2,"y");
+ $title = &Header:escape($2);
}
if ($_ =~ m/Classification: (.*)\] \[Priority: (\d)\]/) {
- $classification = &Header::cleanhtml($1,"y");
+ $classification = &Header:escape($1);
$priority = $2;
}
if ($_ =~ m/([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3}) \-\> ([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})/) {
diff --git a/html/cgi-bin/logs.cgi/log.dat b/html/cgi-bin/logs.cgi/log.dat
index 90f675008..aa28ebca3 100644
--- a/html/cgi-bin/logs.cgi/log.dat
+++ b/html/cgi-bin/logs.cgi/log.dat
@@ -404,7 +404,7 @@ foreach $_ (@log)
$day =~ tr / /0/;
my $time = $cgiparams{'DAY'} ? "$2" : "$day/$2" ;
my $sec = $3;
- my $data = &Header::cleanhtml($4, 'y');
+ my $data = &Header:escape($4);
print <<END;
<tr>
diff --git a/html/cgi-bin/logs.cgi/proxylog.dat b/html/cgi-bin/logs.cgi/proxylog.dat
index 5109ca4cf..07fc03d92 100644
--- a/html/cgi-bin/logs.cgi/proxylog.dat
+++ b/html/cgi-bin/logs.cgi/proxylog.dat
@@ -465,8 +465,8 @@ foreach $_ (@log)
$url =~ /(^.{0,60})/;
my $part = $1;
unless (length($part) < 60) { $part = "${part}..."; }
- $url = &Header::cleanhtml($url,"y");
- $part = &Header::cleanhtml($part,"y");
+ $url = &Header:escape($url);
+ $part = &Header:escape($part);
if ($cgiparams{'DAY'}==0) { # full month
$DAYdt = sprintf ("%.02d/",$DAYdt);
} else {
diff --git a/html/cgi-bin/logs.cgi/summary.dat b/html/cgi-bin/logs.cgi/summary.dat
index cbca48c49..cceb35228 100644
--- a/html/cgi-bin/logs.cgi/summary.dat
+++ b/html/cgi-bin/logs.cgi/summary.dat
@@ -190,7 +190,7 @@ if(!$skip)
# box
while ( $content[0] =~ /^\s*$/ ) { shift @content; }
while ( $content[$#content] =~ /^\s*$/ ) { pop @content; }
- foreach $_ (@content) { $_ =~ s/\s*$//; print &Header::cleanhtml($_,"y")."\n"; }
+ foreach $_ (@content) { $_ =~ s/\s*$//; print &Header:escape($_)."\n"; }
print "\n</pre>";
&Header::closebox();
} elsif (/^\s*#+ LogWatch [^#]+[)] #+\s*$/) {
diff --git a/html/cgi-bin/media.cgi b/html/cgi-bin/media.cgi
index c1914f469..b2eb36118 100644
--- a/html/cgi-bin/media.cgi
+++ b/html/cgi-bin/media.cgi
@@ -202,7 +202,7 @@ sub diskbox {
}
my $smart = `/usr/local/bin/smartctrl $disk`;
- $smart = &Header::cleanhtml($smart);
+ $smart = &Header:escape($smart);
print <<END
<br /><input type="button" onClick="swapVisibility('smart_$disk')" value="$Lang::tr{'smart information'}" />
<div id='smart_$disk' style='display: none'>
diff --git a/html/cgi-bin/netother.cgi b/html/cgi-bin/netother.cgi
index 667777153..d1093a641 100644
--- a/html/cgi-bin/netother.cgi
+++ b/html/cgi-bin/netother.cgi
@@ -65,21 +65,21 @@ my $output = '';
&Header::openbox('100%', 'left', $Lang::tr{'routing table entries'});
$output = `/sbin/ip route show`;
-$output = &Header::cleanhtml($output,"y");
+$output = &Header::escape($output);
print "<pre>$output</pre>\n";
&Header::closebox();
$output = `/sbin/ip route list table 220`;
if ( $output ) {
&Header::openbox('100%', 'left', $Lang::tr{'ipsec routing table entries'});
- $output = &Header::cleanhtml($output,"y");
+ $output = &Header:escape($output);
print "<pre>$output</pre>\n";
&Header::closebox()
}
&Header::openbox('100%', 'left', $Lang::tr{'arp table entries'});
$output = `/sbin/ip neigh show`;
-$output = &Header::cleanhtml($output,"y");
+$output = &Header:escape($output);
print "<pre>$output</pre>\n";
&Header::closebox();
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 4e3cc7f50..6dc10a704 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -1679,7 +1679,7 @@ END
}
}
- $casubject = &Header::cleanhtml($casubject);
+ $casubject = &Header:escape($casubject);
my $key = &General::findhasharraykey (\%cahash);
$cahash{$key}[0] = $cgiparams{'CA_NAME'};
@@ -1700,7 +1700,7 @@ END
&Header::openbigbox('100%', 'LEFT', '', $errormessage);
&Header::openbox('100%', 'LEFT', "$Lang::tr{'ca certificate'}:");
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
- my $output = &Header::cleanhtml(join("", @output),"y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -1812,7 +1812,7 @@ END
&Header::openbox('100%', 'LEFT', "$Lang::tr{'host certificate'}:");
@output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/servercert.pem");
}
- my $output = &Header::cleanhtml(join("", @output), "y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -2611,7 +2611,7 @@ END
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', "$Lang::tr{'certificate'}:");
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
- my $output = &Header::cleanhtml(join("", @output), "y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -2676,7 +2676,7 @@ END
my @output = <FILE>;
close(FILE);
- my $output = &Header::cleanhtml(join("", @output),"y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -2699,7 +2699,7 @@ END
&Header::openbigbox('100%', 'LEFT', '', '');
&Header::openbox('100%', 'LEFT', "$Lang::tr{'crl'}:");
my @output = &General::system_output("/usr/bin/openssl", "crl", "-text", "-noout", "-in", "${General::swroot}/ovpn/crls/cacrl.pem");
- my $output = &Header::cleanhtml(join("", @output), "y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/ovpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -3727,7 +3727,7 @@ if ($confighash{$cgiparams{'KEY'}}) {
$cgiparams{'TLSAUTH'} = $confighash{$cgiparams{'KEY'}}[41];
$cgiparams{'OTP_STATE'} = $confighash{$cgiparams{'KEY'}}[43];
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
+ $cgiparams{'REMARK'} = &Header:escape($cgiparams{'REMARK'});
# CCD check iroute field and convert it to decimal
if ($cgiparams{'TYPE'} eq 'host') {
diff --git a/html/cgi-bin/qos.cgi b/html/cgi-bin/qos.cgi
index 8400bafdf..765342b5a 100644
--- a/html/cgi-bin/qos.cgi
+++ b/html/cgi-bin/qos.cgi
@@ -556,7 +556,7 @@ elsif ($qossettings{'ACTION'} eq $Lang::tr{'status'} )
if ($qossettings{'ENABLED'} eq 'on'){
my $output = "";
my @output = &General::system_output("/usr/local/bin/qosctrl", "status");
- $output = &Header::cleanhtml(join("", @output), "y");
+ $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
} else { print "$Lang::tr{'QoS not enabled'}"; }
&Header::closebox();
diff --git a/html/cgi-bin/remote.cgi b/html/cgi-bin/remote.cgi
index 38f7599d7..04b13edf4 100644
--- a/html/cgi-bin/remote.cgi
+++ b/html/cgi-bin/remote.cgi
@@ -258,8 +258,8 @@ sub viewkey
my @ssh_keygen = &General::system_output("/usr/bin/ssh-keygen", "-l", "-f", "$key");
my @temp = split(/ /, $ssh_keygen[0]);
- my $keysize = &Header::cleanhtml($temp[0],"y");
- my $fingerprint = &Header::cleanhtml($temp[1],"y");
+ my $keysize = &Header:escape($temp[0]);
+ my $fingerprint = &Header:escape($temp[1]);
print "<tr><td><code>$key</code></td><td align='center'>$name</td><td><code>$fingerprint</code></td><td align='center'>$keysize</td></tr>\n";
}
}
diff --git a/html/cgi-bin/routing.cgi b/html/cgi-bin/routing.cgi
index 109fc3e3e..31e750fa1 100644
--- a/html/cgi-bin/routing.cgi
+++ b/html/cgi-bin/routing.cgi
@@ -388,7 +388,7 @@ END
&Header::closebox();
my $output = `/sbin/ip route show table static`;
-$output = &Header::cleanhtml($output,"y");
+$output = &Header:escape($output);
if ( $output != "" ) {
&Header::openbox('100%', 'left', $Lang::tr{'routing table entries'});
diff --git a/html/cgi-bin/samba.cgi b/html/cgi-bin/samba.cgi
index f3b092da8..36c4a62ff 100644
--- a/html/cgi-bin/samba.cgi
+++ b/html/cgi-bin/samba.cgi
@@ -153,7 +153,7 @@ if ($errormessage)
}
if ($message) {
- $message = &Header::cleanhtml($message);
+ $message = &Header:escape($message);
$message =~ s/\n/<br>/g;
&Header::openbox('100%', 'left', $Lang::tr{'messages'});
@@ -653,7 +653,7 @@ END
&Header::openbox('100%', 'left', $Lang::tr{'status'});
my $status = qx(/usr/local/bin/sambactrl smbstatus);
-$status = &Header::cleanhtml($status);
+$status = &Header:escape($status);
print <<END;
<small>
diff --git a/html/cgi-bin/time.cgi b/html/cgi-bin/time.cgi
index 56bca7cf6..2f83b33cd 100644
--- a/html/cgi-bin/time.cgi
+++ b/html/cgi-bin/time.cgi
@@ -161,7 +161,7 @@ ERROR:
# To enter an ' into a pushbutton solution is to use ' in it's definition
# but returned value when pressed is ' not the code. Cleanhtml recode the ' to enable comparison.
-$timesettings{'ACTION'} = &Header::cleanhtml ($timesettings{'ACTION'});
+$timesettings{'ACTION'} = &Header:escape ($timesettings{'ACTION'});
if ($timesettings{'ACTION'} eq $Lang::tr{'set time now'} && $timesettings{'ENABLENTP'} eq 'on')
{
&General::system('/usr/bin/touch', "/var/lock/time/settimenow");
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 7de5b1664..fc88c9886 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -677,7 +677,7 @@ END
my $key = &General::findhasharraykey (\%cahash);
$cahash{$key}[0] = $cgiparams{'CA_NAME'};
- $cahash{$key}[1] = &Header::cleanhtml(getsubjectfromcert ("${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem"));
+ $cahash{$key}[1] = &Header:escape(getsubjectfromcert ("${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem"));
&General::writehasharray("${General::swroot}/vpn/caconfig", \%cahash);
&General::system('/usr/local/bin/ipsecctrl', 'R');
@@ -697,7 +697,7 @@ END
&Header::openbigbox('100%', 'left', '', '');
&Header::openbox('100%', 'left', "$Lang::tr{'ca certificate'}:");
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/ca/$cahash{$cgiparams{'KEY'}}[0]cert.pem");
- my $output = &Header::cleanhtml(join("", @output) ,"y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -824,7 +824,7 @@ END
&Header::openbox('100%', 'left', "$Lang::tr{'host certificate'}:");
@output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/certs/hostcert.pem");
}
- my $output = &Header::cleanhtml(join("", @output) ,"y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -1520,7 +1520,7 @@ END
&Header::openbigbox('100%', 'left', '', '');
&Header::openbox('100%', 'left', "$Lang::tr{'cert'}:");
my @output = &General::system_output("/usr/bin/openssl", "x509", "-text", "-in", "${General::swroot}/certs/$confighash{$cgiparams{'KEY'}}[1]cert.pem");
- my $output = &Header::cleanhtml(join("", @output) ,"y");
+ my $output = &Header:escape(join("", @output));
print "<pre>$output</pre>\n";
&Header::closebox();
print "<div align='center'><a href='/cgi-bin/vpnmain.cgi'>$Lang::tr{'back'}</a></div>";
@@ -1724,7 +1724,7 @@ END
}
} elsif ($cgiparams{'ACTION'} eq $Lang::tr{'save'}) {
- $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
+ $cgiparams{'REMARK'} = &Header:escape($cgiparams{'REMARK'});
if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
$errormessage = $Lang::tr{'connection type is invalid'};
goto VPNCONF_ERROR;
@@ -1973,7 +1973,7 @@ END
if (!$errormessage) {
&General::log("charon", "Moving cacert...");
#If CA have new subject, add it to our list of CA
- my $casubject = &Header::cleanhtml(getsubjectfromcert ('/tmp/newcacert'));
+ my $casubject = &Header:escape(getsubjectfromcert ('/tmp/newcacert'));
my @names;
foreach my $x (keys %cahash) {
$casubject='' if ($cahash{$x}[1] eq $casubject);
@@ -1988,7 +1988,7 @@ END
my $idx=0;
while (grep(/Imported-$idx/, @names) ) {$idx++};
$cgiparams{'CA_NAME'}="Imported-$idx";
- $cgiparams{'CERT_NAME'}=&Header::cleanhtml(getCNfromcert ('/tmp/newhostcert'));
+ $cgiparams{'CERT_NAME'}=&Header:escape(getCNfromcert ('/tmp/newhostcert'));
unless(move("/tmp/newcacert", "${General::swroot}/ca/$cgiparams{'CA_NAME'}cert.pem")) {
$errormessage = "$Lang::tr{'certificate file move failed'}: $!";
@@ -3584,7 +3584,7 @@ EOF
my $col1="bgcolor='$color{'color22'}'";
my $col2="bgcolor='$color{'color20'}'";
if (-f "${General::swroot}/ca/cacert.pem") {
- my $casubject = &Header::cleanhtml(getsubjectfromcert ("${General::swroot}/ca/cacert.pem"));
+ my $casubject = &Header:escape(getsubjectfromcert ("${General::swroot}/ca/cacert.pem"));
print <<END
<tr>
<td class='base' $col1>$Lang::tr{'root certificate'}</td>
@@ -3616,7 +3616,7 @@ END
}
if (-f "${General::swroot}/certs/hostcert.pem") {
- my $hostsubject = &Header::cleanhtml(getsubjectfromcert ("${General::swroot}/certs/hostcert.pem"));
+ my $hostsubject = &Header:escape(getsubjectfromcert ("${General::swroot}/certs/hostcert.pem"));
print <<END
<tr>
diff --git a/html/cgi-bin/wakeonlan.cgi b/html/cgi-bin/wakeonlan.cgi
index e88448964..d2dfbabf0 100644
--- a/html/cgi-bin/wakeonlan.cgi
+++ b/html/cgi-bin/wakeonlan.cgi
@@ -307,7 +307,7 @@ for $i ( 0 .. $#wol_devices )
{
my $wol_mac = $wol_devices[$i]{'MAC'};
my $wol_iface = $wol_devices[$i]{'IFace'};
- my $wol_txt = &Header::cleanhtml($wol_devices[$i]{'Comment'});
+ my $wol_txt = &Header:escape($wol_devices[$i]{'Comment'});
if ( (($cgiparams{'ACTION'} eq 'edit') || ($cgiparams{'ACTION'} eq 'update')) && ($i == $cgiparams{'ID'}) )
{
diff --git a/html/cgi-bin/wio.cgi b/html/cgi-bin/wio.cgi
index 9975c294d..cce9252c6 100644
--- a/html/cgi-bin/wio.cgi
+++ b/html/cgi-bin/wio.cgi
@@ -1852,7 +1852,7 @@ print"
";
$output = `/sbin/ip neigh list`;
-$output = &Header::cleanhtml($output,"y");
+$output = &Header:escape($output);
my $arpcnt = 0;
diff --git a/html/cgi-bin/wireless.cgi b/html/cgi-bin/wireless.cgi
index 27a2d9dd7..5c15a161c 100644
--- a/html/cgi-bin/wireless.cgi
+++ b/html/cgi-bin/wireless.cgi
@@ -331,7 +331,7 @@ foreach my $line (@current)
if ($temp[3] eq 'on') { $gif = 'on.gif'; $toggle='off'; $gdesc=$Lang::tr{'click to disable'};}
else { $gif = 'off.gif'; $toggle='on'; $gdesc=$Lang::tr{'click to enable'};}
- my $remark = &Header::cleanhtml($temp[4]);
+ my $remark = &Header:escape($temp[4]);
my $col="";
if ($cgiparams{'ACTION'} eq 'edit' && $cgiparams{'ID'} eq $id) {
@@ -462,7 +462,7 @@ END
my $id = 0;
foreach my $key (sort blueleasesort keys %entries) {
- my $hostname = &Header::cleanhtml($entries{$key}->{HOSTNAME},"y");
+ my $hostname = &Header:escape($entries{$key}->{HOSTNAME});
my $col="";
if ($id % 2) {
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-05-27 15:33 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-05-27 15:32 [git.ipfire.org] IPFire 2.x development tree branch, next, updated. eebf365a5145e16a85b5a49337ab496fed3fbe78 Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox