mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-01-13 05:00:06 -06:00
Code Issues Packages Projects Releases Wiki Activity
4,015 Commits 17 Branches 227 Tags
70db0366f8dc89cc7bdcc4e465f4b39c83fe4929
Commit Graph

14 Commits

Author SHA1 Message Date
Eric Schultz
7a76a7c736 login page favicon now matches the green/yellow/red icon from the other webgui pages 2020-01-17 04:47:20 -06:00
Eric Schultz
1254b79856 harden preg_replace() in auth_request.php 2020-01-16 15:06:14 -06:00
Eric Schultz
5ec3b020a4 allow cache-buster params on whitelisted urls in auth_request 2020-01-10 20:08:01 -06:00
bergware
9f2f6fb308 Patched vulnerability in auth_request 2020-01-08 08:56:07 +01:00
Larry Meaney
0e3f8bdd0f Only create session when user successfully logs in 
Also, enable session.use_strict_mode to prevent session fixation attacks
 2019-10-18 22:53:06 -07:00
Eric Schultz
655b3ed883 Use samesite=strict for the login session cookie 2019-09-16 03:00:34 -05:00
Eric Schultz
01bd18b46f remove leading dot in login cookie domain 2019-09-08 16:45:57 -05:00
Eric Schultz
0b765531fe logon session uses a unique name now 2019-09-07 01:42:06 -05:00
Eric Schultz
facb1fbe86 only secure cookies when using https 2019-09-06 13:37:03 -05:00
Eric Schultz
b4a60ddf73 keep session alive during auth checks 2019-09-06 13:28:19 -05:00
Eric Schultz
464a187d42 use a valid shortcut icon for the login page 2019-09-03 23:15:50 -05:00
Eric Schultz
32b31a472b allow access to font-cases for unauthorized users 2019-09-03 20:30:56 -05:00
Eric Schultz
8085abdf38 improve locking down unauthorized folders 2019-08-30 14:31:23 -05:00
Tom Mortensen
4c6c950042 Support forms-based authentication for login/logout. 
Username 'admin' is alias for 'root'.
 2019-08-17 13:08:41 -07:00