- Added csrf middleware to management portal mux
- Added csrf token to all html templates
- Added csrf validation to all endpoints
- Optimized the implementation of some older endpoints
Toby Chui
2024-07-24 21:58:44 +08:00
parent b1c5bc2963
commit f595da92a1
45 changed files with 535 additions and 307 deletions


@@ -3,9 +3,11 @@
<head>
<!-- Notes: This should be open in its original path-->
<meta charset="utf-8">
<meta name="zoraxy.csrf.Token" content="{{.csrfToken}}">
<link rel="stylesheet" href="../script/semantic/semantic.min.css">
<script src="../script/jquery-3.6.0.min.js"></script>
<script src="../script/semantic/semantic.min.js"></script>
<script src="../script/utils.js"></script>
<style>
.disabled.table{
opacity: 0.5;
@@ -234,8 +236,9 @@
initRenewerConfigFromFile();
function saveEmailToConfig(btn){
$.ajax({
$.cjax({
url: "/api/acme/autoRenew/email",
method: "POST",
data: {set: $("#caRegisterEmail").val()},
success: function(data){
if (data.error != undefined){
@@ -256,27 +259,29 @@
function toggleAutoRenew(){
var enabled = $("#enableCertAutoRenew").parent().checkbox("is checked");
$.post("/api/acme/autoRenew/enable?enable=" + enabled, function(data){
if (data.error){
parent.msgbox(data.error, false, 5000);
if (enabled){
enableTrigerOnChangeEvent = false;
$("#enableCertAutoRenew").parent().checkbox("set unchecked");
enableTrigerOnChangeEvent = true;
}
if (parent && parent.setACMEEnableStates){
parent.setACMEEnableStates(!enabled);
}
}else{
$("#enableToggleSucc").stop().finish().fadeIn("fast").delay(3000).fadeOut("fast");
if (parent && parent.setACMEEnableStates){
parent.setACMEEnableStates(enabled);
$.cjax({
url: "/api/acme/autoRenew/enable",
method: "POST",
data: {"enable": enabled},
success: function(data){
if (data.error){
parent.msgbox(data.error, false, 5000);
if (enabled){
enableTrigerOnChangeEvent = false;
$("#enableCertAutoRenew").parent().checkbox("set unchecked");
enableTrigerOnChangeEvent = true;
}
if (parent && parent.setACMEEnableStates){
parent.setACMEEnableStates(!enabled);
}
}else{
$("#enableToggleSucc").stop().finish().fadeIn("fast").delay(3000).fadeOut("fast");
if (parent && parent.setACMEEnableStates){
parent.setACMEEnableStates(enabled);
}
}
}
});
}
//Render the domains table that exists in this zoraxy host
@@ -630,7 +635,7 @@
return;
}
$.ajax({
$.cjax({
url: "/api/acme/autoRenew/setDNS",
method: "POST",
data: {
@@ -843,8 +848,9 @@
function saveAutoRenewPolicy(){
let autoRenewAll = $("#renewAllSupported").parent().checkbox("is checked");
if (autoRenewAll == true){
$.ajax({
$.cjax({
url: "/api/acme/autoRenew/setDomains",
method: "POST",
data: {opr: "setAuto"},
success: function(data){
parent.msgbox("Renew policy rule updated")
@@ -856,8 +862,9 @@
checkedNames.push($(this).attr('name'));
});
$.ajax({
$.cjax({
url: "/api/acme/autoRenew/setDomains",
method: "POST",
data: {opr: "setSelected", domains: JSON.stringify(checkedNames)},
success: function(data){
parent.msgbox("Renew policy rule updated")
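Review bot: The rewritten `$.cjax` call in toggleAutoRenew (the `@@ -256,27 +259,29 @@` hunk) passes only a `success` callback, so a request rejected by the new CSRF validation reaches no handler; the checkbox then keeps the state the user clicked while the server keeps the old one. How the middleware answers a missing or stale token is not visible on this page, but if it returns a non-2xx status the call needs an `error` callback, for example `error: function(){ parent.msgbox("Request rejected, reload the page and try again", false, 5000); }`, which should also revert the checkbox under the same `enableTrigerOnChangeEvent` guard used in the `data.error` branch. The same gap appears in the visible parts of saveEmailToConfig and the two `/api/acme/autoRenew/setDomains` calls. In saveAutoRenewPolicy the `success` handlers also report "Renew policy rule updated" without testing `data.error` in the lines shown, though those callbacks continue outside the hunks.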