Add confirmation before gallery HTTP requests

Starbeamrainbowlabs 2019-10-07 16:43:35 +01:00
parent 6696e90d9c
commit 4f5a81f65b
Signed by: sbrl
GPG Key ID: 1BE5172E637709C2
4 changed files with 21 additions and 3 deletions

1
.gitignore vendored

@ -1,3 +1,4 @@
.serenata
*.backup
themes/**/*.png
themes/themeindex.json


@ -155,7 +155,7 @@
"version": "0.3",
"author": "Starbeamrainbowlabs",
"description": "Adds a theme gallery page and optional automatic theme updates. Contacts a remote server, where IP addresses are stored in automatic server logs for security and attack mitigation purposes.",
"lastupdate": 1569770257,
"lastupdate": 1570462781,
"optional": false,
"extra_data": []
},


@ -26,8 +26,25 @@ register_module([
exit(page_renderer::render_main("Error - $settings->sitename", $errorMessage));
}
$themes_available = [];
$gallery_urls = explode(" ", $settings->css_theme_gallery_index_url);
if(!isset($_GET["load"]) || $_GET["load"] !== "yes") {
$result = "<h1>Theme Gallery</h1>
<p>Load the theme gallery? A HTTP request will be made to the following endpoints:</p>
<ul>";
foreach($gallery_urls as $url) {
$result .= "<li><a href='".htmlentities($url)."'>".htmlentities($url)."</a></li>\n";
}
$result .= "</ul>
<p>...with the following user agent string: <code>".ini_get("user_agent")."</code></p>
<p>No external HTTP requests will be made without your consent.</p>
<p><a href='?action=theme-gallery&load=yes'>Ok, load the gallery</a>.</p>
<p> <a href='javascript:history.back();'>Actually, take me back</a>.</p>";
exit(page_renderer::render_main("Theme Gallery - $settings->sitename", $result));
}
$themes_available = [];
foreach($gallery_urls as $url) {
if(empty($url)) continue;
$next_obj = json_decode(@file_get_contents($url));
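Review bot: The confirmation page writes single-quoted `href` attributes with `htmlentities($url)`, which under the default flags of PHP versions before 8.1 leaves `'` unescaped, and it prints `ini_get("user_agent")` into the `<code>` element with no escaping at all. Both values come from configuration rather than the request, so this is hardening rather than a demonstrated injection path, but each should be escaped for the context it lands in: `htmlentities($url, ENT_QUOTES)` in the list and `htmlentities(ini_get("user_agent"))` for the user agent. The listing loop also lacks the `if(empty($url)) continue;` guard that the fetch loop has, so a stray space in the setting produces an empty list item. Because consent is carried by a plain `load=yes` query parameter, any link to that URL triggers the outbound requests without showing the prompt; if the prompt is meant as a privacy control, a POST form would fit better. The enclosing handler starts and ends outside this hunk, so how `$next_obj` is checked after `json_decode` is not visible here.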


@ -165,12 +165,12 @@ blockquote { padding-left: 1em; border-left: 0.2em solid var(--accent-a3); borde
pre { white-space: pre-wrap; }
a { cursor: pointer; }
a:focus { outline-width: 0.1em; }
a.redlink:link { color: var(--accent-c1); }
a.redlink:visited { color: var(--accent-c2); }
a.redlink:active, a.redlink:focus { color: var(--accent-c3); }
a.interwiki_link::before { content: "\\1f6f8"; display: inline-block; margin-right: 0.25em; }
a.interwiki_link { color: var(--accent-d1); }
a:focus { outline-width: 0.1em; }
.matching-tags-display { display: flex; margin: 0 -2em; padding: 1em 2em; background: hsla(30, 84%, 72%, 0.75); }
.matching-tags-display > label { flex: 0; font-weight: bold; color: var(--accent-a3); }