github/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent synced 2025-08-14 02:27:09 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge pull request #10272 from Chocobo1/login_v41x

Browse source 
Prevent login credential appearing in URL (for v4_1_x branch)
This commit is contained in:
Mike Tzou 2019-02-10 13:31:20 +08:00 committed by GitHub
commit 5877308a49
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 33 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/base/http/connection.cpp
View file

@ -66,7 +66,7 @@ void Connection::read()
case RequestParser::ParseStatus::Incomplete: {
const long bufferLimit = RequestParser::MAX_CONTENT_SIZE * 1.1; // some margin for headers
if (m_receivedData.size() > bufferLimit) {
Logger::instance()->addMessage(tr("Http request size exceeds limiation, closing socket. Limit: %ld, IP: %s")
Logger::instance()->addMessage(tr("Http request size exceeds limiation, closing socket. Limit: %1, IP: %2")
.arg(bufferLimit).arg(m_socket->peerAddress().toString()), Log::WARNING);
Response resp(413, "Payload Too Large");
@ -79,7 +79,7 @@ void Connection::read()
return;
case RequestParser::ParseStatus::BadRequest: {
Logger::instance()->addMessage(tr("Bad Http request, closing socket. IP: %s")
Logger::instance()->addMessage(tr("Bad Http request, closing socket. IP: %1")
.arg(m_socket->peerAddress().toString()), Log::WARNING);
Response resp(400, "Bad Request");

8
src/webui/www/private/css/noscript.css Normal file
View file

@ -0,0 +1,8 @@
#desktop {
display: none;
}
#noscript {
color: #f00;
text-align: center;
}

6
src/webui/www/private/index.html
View file

@ -13,6 +13,9 @@
<link rel="stylesheet" type="text/css" href="css/Layout.css" />
<link rel="stylesheet" type="text/css" href="css/Window.css" />
<link rel="stylesheet" type="text/css" href="css/Tabs.css" />
<noscript>
<link rel="stylesheet" type="text/css" href="css/noscript.css?v=${VERSION}" />
</noscript>
<script src="scripts/lib/mootools-1.2-core-yc.js"></script>
<script src="scripts/lib/mootools-1.2-more.js"></script>
<!--[if IE]>
@ -29,6 +32,9 @@
</head>
<body>
<noscript id="noscript">
<h1>QBT_TR(JavaScript Required! You must enable JavaScript for the Web UI to work properly)QBT_TR[CONTEXT=HttpServer]</h1>
</noscript>
<div id="desktop">
<div id="desktopHeader">
<!--<div id="desktopTitlebar">

8
src/webui/www/public/css/noscript.css Normal file
View file

@ -0,0 +1,8 @@
#formplace {
display: none;
}
#noscript {
color: #f00;
text-align: center;
}

8
src/webui/www/public/login.html
View file

@ -7,6 +7,9 @@
<link rel="icon" type="image/png" href="images/skin/qbittorrent32.png" />
<link rel="stylesheet" type="text/css" href="css/login.css" />
<script src="scripts/lib/mootools-1.2-core-yc.js"></script>
<noscript>
<link rel="stylesheet" type="text/css" href="css/noscript.css?v=${VERSION}" />
</noscript>
<script>
window.onload = function() {
$('username').focus();
@ -51,13 +54,16 @@
</head>
<body>
<noscript id="noscript">
<h1>QBT_TR(JavaScript Required! You must enable JavaScript for the Web UI to work properly)QBT_TR[CONTEXT=HttpServer]</h1>
</noscript>
<div id="main">
<h1>qBittorrent QBT_TR(Web UI)QBT_TR[CONTEXT=OptionsDialog]</h1>
<div id="logo" class="col">
<img src="images/skin/qbittorrent-tray.svg" alt="qBittorrent logo" />
</div>
<div id="formplace" class="col">
<form id="loginform">
<form id="loginform" method="post">
<div class="row">
<label for="username">QBT_TR(Username)QBT_TR[CONTEXT=HttpServer]</label><br />
<input type="text" id="username" name="username" /></div>

2
src/webui/www/webui.qrc
View file

@ -6,6 +6,7 @@
<file>private/css/Core.css</file>
<file>private/css/dynamicTable.css</file>
<file>private/css/Layout.css</file>
<file>private/css/noscript.css</file>
<file>private/css/style.css</file>
<file>private/css/Tabs.css</file>
<file>private/css/Window.css</file>
@ -47,6 +48,7 @@
<file>private/upload.html</file>
<file>private/uploadlimit.html</file>
<file>public/css/login.css</file>
<file>public/css/noscript.css</file>
<file>public/login.html</file>
<file>public/scripts/lib/mootools-1.2-core-yc.js</file>
</qresource>