39 Commits (2.4)

Author SHA1 Message Date
iglocska a94777231b
fix: [templates controller] remove CSRF protection from the rearranging
- worst case an attacker messes with the order of a template's fields via CSRF, don't think anyone will ever care
- removes the annoying blackholing for the drag and drop
2023-05-23 10:46:54 +02:00
Jakub Onderka b100377a73 chg: [internal] Do not modify session when not necessary 2021-11-25 11:58:32 +01:00
Luciano Righetti 2e8e013cd0 chg: reuse add view for /templates/edit 2021-07-21 15:07:58 +02:00
Luciano Righetti e7ae9df6a3 chg: migrate /templates/index view, use CRUD component in TemplatesController::delete() 2021-07-21 11:04:28 +02:00
iglocska a81894f14c chg: [CS] Changed to PSR-2
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
iglocska 68b8266584 new: New flash message system, fixes #3252
- 3 types of flash messages (success, error, warning)
- uses bootstrap's own classes/structure
2018-05-16 19:32:38 +02:00
iglocska 952fff6252 fix: Fixes to several cases of reflected XSS, fixes #2381
- as reported by @import-au

- Additionally enforce content-type on all async APIs called by the UI using CakeResponse
2017-08-08 21:37:03 +02:00
iglocska 8f4f1d2b46 fix: Fixed several issues with the template file uploads, fixes #1743
- Bug with uploading attachments as described in the issue
  - move from pass by reference for a loop was still lacking the correct selector to update the array element instead of the loop's copy
  - attachment uploader tried to base64 the file-name instead of the file-data and store it as the attachment

- Fix to an unrelated bug that didn't encrypt malicious files when going through the template uploader
2016-12-11 22:00:05 +01:00
Iglocska 7212011a80 fix: Fixes an issue where the wrong set of tags were applied when populating an event from a template, fixes #1636 2016-11-09 17:52:32 +01:00
Andreas Ziegler 25e52a6786 chg: remove some references to variables 2016-09-15 17:08:58 +02:00
iglocska 80ed1cf65d fix: Removed filename check from the AppController
- rerouted all calls to the method to the Model equivalent
2016-09-01 09:18:54 +02:00
iglocska 873b201eb0 Merge branch '2.4' of https://github.com/MISP/MISP into 2.4 2016-08-25 11:38:59 +02:00
iglocska 822b0bf8fa chg: Cleanup of the controllers and models
- removed incorrect, useless boilerplate comments
- kept useful comments intact
- added some missing line breaks to make the codebase a bit more uniform
- removed some obviously obsolete TODO comments
2016-08-25 11:38:37 +02:00
Andreas Ziegler e8599fb16c chg: new filename regex & separate functions 2016-08-24 15:31:17 +02:00
Andras Iklody 48fa353df9 Merge pull request #1470 from rotanid/cleanup-tplctr
cleanup TemplatesController.php
2016-08-24 09:43:32 +02:00
Andreas Ziegler b70695b666 chg: cleanup TemplatesController.php 2016-08-24 02:42:49 +02:00
Andreas Ziegler eb66a80c76 chg: filename regex changes 2016-08-24 02:35:04 +02:00
Andreas Ziegler ff7a7de938 chg: use 1/0 not true/false for conditions & other boolean sqlquery elements 2016-07-11 21:26:16 +02:00
Andreas Ziegler 985451642e add space after keywords if/for/foreach/while/switch/catch 2016-06-04 15:45:39 +02:00
Andreas Ziegler 0fe692c56a remove whitespace at end of line 2016-06-04 01:10:45 +02:00
Andreas Ziegler 898ea1d97c remove whitespace (space/tab) from empty lines 2016-06-04 01:08:16 +02:00
Iglocska e16371e255 chg: Some cleanup of old unused stuff 2016-05-20 09:07:51 +02:00
Iglocska 6353de1e58 Template population menu fixes 2016-02-03 10:16:03 +01:00
Iglocska 07a03abdc7 Fixed adding / removing tags to a template, fixes #898 2016-02-03 09:59:03 +01:00
Iglocska c4cf4eca9c Copy pasta fail on the populate from template action
- the lookup for valid event access was comparing the user's org name to the event's org id which always failed
2016-01-22 09:28:33 +01:00
Fafner [_KeyZee_] 01756dd261 Update TemplatesController.php 2015-12-28 15:40:09 +01:00
iglocska 728425aedd Invalid orgc lookup in the template choice menu, fixes #795 2015-12-28 15:03:06 +01:00
iglocska 7e2a935226 Fix to the templating being broken, fixes #787 2015-12-25 00:25:59 +01:00
Iglocska 1b291904d4 Fixed some more invalid org checks 2015-10-15 14:31:07 +02:00
Iglocska e706562cd5 Fixes to the RPZ export based on the testing of elhoim
- some errors in the format (wrong comment character used, rpz-ip not appended to IP addresses, missing semi-colon)
- removed hostnames that are on domains blocked by the rules based on domain attributes
2015-07-07 14:42:28 +02:00
Iglocska 27cc167c33 Fix to an incorrect validation of temporary filenames 2015-07-01 11:06:11 +02:00
Iglocska 415d85102d Security fix: Fix to a possible PHP Object injection
- unserialized user input replaced with json_decode
2015-07-01 08:38:40 +02:00
iglocska f14a26444b Fix to some event altering actions not updating the timestamp 2014-12-10 14:08:08 +01:00
iglocska 35ba6321dc Various improvements with the way events are unpublished after changes
- UI improvements, events appear unpublished after ajax queries that alter attributes
- Events get unpublished by the attribute replace tool and template population as they should
2014-08-14 14:08:55 +02:00
iglocska 029ef252a2 Some fixes to the templating
- resolved bugs with permissions
- fixed the broken mass delete tool
- Fixed an issue with the type not being chosen correctly for file type attributes when created through the templating tool
2014-07-08 11:31:23 +02:00
iglocska 45d826a252 First version of the templating feature complete
- still needs some refinement, but it's feature-complete
2014-07-02 16:20:19 +02:00
iglocska 9bede8e1b4 Further work on the templates 2014-06-25 09:56:33 +02:00
iglocska a4a987e027 More work on the templates
- Templates can now be created and populated
- Users can populate an event using a template (still needs work)
- File type elements are not yet implemented
2014-06-19 08:44:35 +02:00
iglocska f4e5c22865 Work on the templating system
- create a basic template
- add text elements to the template
- rearrange elements
2014-06-10 15:18:49 +02:00