Useful for Web APIs and all other kinds of things.
API changes:
- Added public CHTTPSock::GetURI() method
- Added public CModule::ValidateWebRequestCSRFCheck() method
- Made CWebSock::GetCSRFCheck() method public so it can be accessed
from CModule
- Added public CWebSock::ValidateCSRFCheck() method
Other changes:
- Added a Sample Web API module (modules/samplewebapi.cpp) and a
simple web form with no CSRF check.
Implements feature request #1180.
Prefix links in templates with URIPrefix and add the input field to the
Listener editor.
The URIPrefix is provided as a top-level template variable. All URIs
have been changed to have the prefix prepended.
Currently, znc has a limit of 5 web sessions per IP address. This limit exists
to defend against some obvious DoS attacks. When this limit is hit, some session
is discarded.
Previously, we would discard the session that std::multimap::find() would give
us. The multimap used mapped from IP addresses to sessions. Thus, we would
discard the oldest session.
This commit changes this into some least-recently-used logic. Whenever a session
is used, we record the timestamp of this. Then when a session has to be picked
for discarding, the one with the oldest timestamp is used.
Signed-off-by: Uli Schlachter <psychon@znc.in>
The following people agreed with the change, in alphabetical order:
(people who approved in several ways are listed only once)
By email:
- Adam (from Anope)
- Austin Morton
- Brian Campbell
- Christian Walde
- Daniel Holbert
- Daniel Wallace
- Falk Seidel
- Heiko Hund
- Ingmar Runge
- Jim Hull
- Kyle Fuller
- Lee Aylward
- Martin Martimeo
- Matt Harper
- Michael J Edgar
- Michael Ziegler
- Nick Bebout
- Paul Driver
- Perry Nguyen
- Philippe (cycomate)
- Reuben Morais
- Roland Hieber
- Sebastian Ramacher
- Stefan Rado
- Stéphan Kochen
- Thomas Ward
- Toon Schoenmakers
- Veit Wahlich
- Wulf C. Krueger
By IRC:
- CNU
- Jonas Gorski
- Joshua M. Clulow
- Prozac/SHiZNO
- SilverLeo
- Uli Schlachter
At https://github.com/znc/znc/issues/311 :
- Alexey Sokolov
- Elizabeth Myers
- flakes
- Jens-Andre Koch
- Jyzee
- KindOne/ineedalifetoday
- Lee Williams
- Mantas Mikulėnas
- md-5
- Reed Loden
At the last few pull requests' comments:
- Allan Odgaard
- Jacob Baines
- Lluís Batlle i Rossell
- ravomavain
- protomouse
The following commits' authors didn't respond:
Trivial changes:
- f70f1086fd
- 4ca8b50e45
The changes which are not presented in master anymore:
- 5512ed2ea0
- 960a4498f7
- 0f739de2c0
- 7f53cc810bFix#311Fix#218
Only his changes to the core are presented here.
Unfortunately, the skin itself looks ugly on Opera,
and simply doesn't work on Firefox...
Merge branch 'master' into znc-ation
Conflicts:
modules/data/lastseen/tmpl/lastseen_WebadminUser.tmpl
modules/data/webadmin/tmpl/settings.tmpl
Alexey Sokolov