Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
pve-manager
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Administrator
pve-manager
Commits
cf444f03
Commit
cf444f03
authored
Jun 25, 2012
by
Dietmar Maurer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
display version info after login
It is a security risk to display version info to unauthenticated users.
parent
8dd924cc
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
27 additions
and
4 deletions
+27
-4
Workspace.js
www/manager/Workspace.js
+26
-1
index.pl
www/manager/index.pl
+1
-3
No files found.
www/manager/Workspace.js
View file @
cf444f03
...
@@ -211,6 +211,15 @@ Ext.define('PVE.StdWorkspace', {
...
@@ -211,6 +211,15 @@ Ext.define('PVE.StdWorkspace', {
if
(
loginData
)
{
if
(
loginData
)
{
PVE
.
data
.
ResourceStore
.
startUpdate
();
PVE
.
data
.
ResourceStore
.
startUpdate
();
PVE
.
Utils
.
API2Request
({
url
:
'
/version
'
,
method
:
'
GET
'
,
success
:
function
(
response
)
{
PVE
.
VersionInfo
=
response
.
result
.
data
;
me
.
updateVersionInfo
();
}
});
}
}
},
},
...
@@ -228,6 +237,21 @@ Ext.define('PVE.StdWorkspace', {
...
@@ -228,6 +237,21 @@ Ext.define('PVE.StdWorkspace', {
ui
.
doLayout
();
ui
.
doLayout
();
},
},
updateVersionInfo
:
function
()
{
var
me
=
this
;
var
ui
=
me
.
query
(
'
#versioninfo
'
)[
0
];
if
(
PVE
.
VersionInfo
)
{
var
version
=
PVE
.
VersionInfo
.
version
+
'
-
'
+
PVE
.
VersionInfo
.
release
+
'
/
'
+
PVE
.
VersionInfo
.
repoid
;
ui
.
update
(
'
<span class="x-panel-header-text">Proxmox Virtual Environment<br>
'
+
gettext
(
'
Version
'
)
+
'
:
'
+
version
+
"
</span>
"
);
}
else
{
ui
.
update
(
'
<span class="x-panel-header-text">Proxmox Virtual Environment</span>
'
);
}
ui
.
doLayout
();
},
initComponent
:
function
()
{
initComponent
:
function
()
{
var
me
=
this
;
var
me
=
this
;
...
@@ -341,7 +365,8 @@ Ext.define('PVE.StdWorkspace', {
...
@@ -341,7 +365,8 @@ Ext.define('PVE.StdWorkspace', {
{
{
minWidth
:
200
,
minWidth
:
200
,
flex
:
1
,
flex
:
1
,
html
:
'
<span class="x-panel-header-text">Proxmox Virtual Environment<br>
'
+
gettext
(
'
Version
'
)
+
'
'
+
PVE
.
GUIVersion
+
"
</span>
"
id
:
'
versioninfo
'
,
html
:
'
<span class="x-panel-header-text">Proxmox Virtual Environment</span>
'
},
},
{
{
pack
:
'
end
'
,
pack
:
'
end
'
,
...
...
www/manager/index.pl
View file @
cf444f03
...
@@ -4,7 +4,6 @@ use strict;
...
@@ -4,7 +4,6 @@ use strict;
use
mod_perl2
'
1.9922
';
use
mod_perl2
'
1.9922
';
use
Encode
;
use
Encode
;
use
CGI
;
use
CGI
;
use
PVE::
pvecfg
;
use
PVE::
JSONSchema
;
use
PVE::
JSONSchema
;
use
PVE::
AccessControl
;
use
PVE::
AccessControl
;
use
PVE::
REST
;
use
PVE::
REST
;
...
@@ -42,7 +41,7 @@ if (my $cookie = $r->headers_in->{Cookie}) {
...
@@ -42,7 +41,7 @@ if (my $cookie = $r->headers_in->{Cookie}) {
$token
=
PVE::AccessControl::
assemble_csrf_prevention_token
(
$username
);
$token
=
PVE::AccessControl::
assemble_csrf_prevention_token
(
$username
);
}
}
}
}
my
$version
=
PVE::pvecfg::
version_text
();
$username
=
''
if
!
$username
;
$username
=
''
if
!
$username
;
my
$cgi
=
CGI
->
new
(
$r
);
my
$cgi
=
CGI
->
new
(
$r
);
...
@@ -53,7 +52,6 @@ my $workspace = defined($args{console}) ?
...
@@ -53,7 +52,6 @@ my $workspace = defined($args{console}) ?
my
$jssrc
=
<<_EOJS;
my
$jssrc
=
<<_EOJS;
if (!PVE) PVE = {};
if (!PVE) PVE = {};
PVE.GUIVersion = '$version';
PVE.UserName = '$username';
PVE.UserName = '$username';
PVE.CSRFPreventionToken = '$token';
PVE.CSRFPreventionToken = '$token';
_EOJS
_EOJS
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
