MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-02-11 05:38:06 -05:00
Code Issues Packages Projects Releases Wiki Activity
6,773 Commits 6 Branches 143 Tags
Commit Graph

988 Commits

Author SHA1 Message Date
nmmclwhitehead
3ee06abfe8
Update webserver.js - allow saml relaystate in POST request (#6685) 
added check for relaystate saml and regex check

added in rest of allowed params

correct formatting on regex string - now evaluates correctly

set relaystate on get request

check for ipv6
 2025-01-26 14:42:48 +00:00
KevinBK1998
64c8d2c238
include username for amt direct connect in logs 2025-01-26 14:07:37 +00:00
si458
def62075c7 fix theme switch to default bug and include google fonts in csp #6665 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2025-01-06 16:02:10 +00:00
Ylian Saint-Hilaire
2a274fe569 More Duo UI improvements. 2024-12-31 11:48:30 -08:00
Ylian Saint-Hilaire
f80ba62cfc Fixed Duo 2FA security. 2024-12-31 10:37:09 -08:00
si458
68ac8cf86c fix duo and theme switcher 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-12-24 11:20:58 +00:00
Ylian Saint-Hilaire
c92b88a374 Duo changes, but not yet fully tested. 2024-12-22 19:10:35 -08:00
Simon Smith
e2362a0547
add duo authentication support (#6609) 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-12-21 13:52:54 +00:00
si458
dbb5b4ba11 add webrelay to websocket and meshctrl #6484 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-11-26 16:46:14 +00:00
si458
545bf58e8d fix pwa orientation #6554 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-11-25 10:16:13 +00:00
Ylian Saint-Hilaire
c09d2fad3e Can now switch to the bootstrap ui at runtime with ?sitestyle=3 in the url. 2024-11-03 09:34:26 -08:00
Josiah Baldwin
36f1b4d5be
Added global ws error handler (#6475) 2024-10-25 11:02:53 +01:00
si458
1e565768d1 fix sitestyle for new bootstrap 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-10-19 19:28:23 +01:00
Sammy Ndabo
5193fef888
[BETA] Meshcentral Bootstrap 5 User Interface (#6450) 
Co-authored-by: Bruno Kambere <brunokambere@gmail.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Simon Smith <simonsmith5521@gmail.com>
 2024-10-19 18:33:40 +01:00
si458
590166f847 fix meshaction with foldr based domains #6436 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-10-08 08:51:16 +01:00
si458
37729269ba fix public folder sharing for domains without dns 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-10-01 12:10:48 +01:00
si458
41d1f9d26f Revert "allow password resets when using allowaccountreset and reset together #6261" 
This reverts commit 8e5aa35bf3ba169611a074b24a32cf944264f443.
 2024-09-30 17:30:07 +01:00
si458
8e5aa35bf3 allow password resets when using allowaccountreset and reset together #6261 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-09-30 12:20:01 +01:00
Ylian Saint-Hilaire
d0014b3f8b Removed cleanReqQuery() 2024-09-26 21:13:55 -07:00
Josiah Baldwin
04c96eb2ff
Fix/xss (#6403) 
* Fixed filenames not being escaped when editing files

This allowed a possible XSS by naming a file in a particular way on your device.

* Fixed HTML generation in webserver not escaping most things from req.query

This would allow XSS through a very simple phishing attack

* Added HtmlEscape to Mobile default as well

* Added sanitization to SAML redirect and Twitter/Azure
 2024-09-26 21:09:34 -07:00
si458
0bee2be3cf generate manifest.json from domain and add pwalogo 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-09-24 19:09:14 +01:00
si458
ac0d805378 fix webrtcconfig and allow stun servers #6309 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-09-03 13:42:06 +01:00
si458
ea6682e06a fix passport failure url 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-08-30 16:31:54 +01:00
si458
4e37455471 fix agentdownload on agentonly port #3282 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-08-30 13:17:14 +01:00
si458
fa39f8a105 fix meshctrl with key=xxx and loginkey #6328 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-08-16 16:02:21 +01:00
Ylian Saint-Hilaire
a6acb35a31 Fixed typo. 2024-08-04 22:31:17 -07:00
Ylian Saint-Hilaire
fc29e60939 Improved configuration file encryption in the database, added testing. 2024-08-04 22:00:37 -07:00
si458
b0d9b17e36 fix external auth with loginkey passthrough #4883 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-07-17 15:19:05 +01:00
si458
707982a71b fix Localization Settings not saving server side #2164 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-07-16 12:06:06 +01:00
Joel Roth
9fd3e4c569
Check agent IP address instead of user IP address for agent file downloads. (#6155) 2024-06-28 14:50:57 +01:00
Simon Smith
602eb3c64a
add encoding options to remote desktop (#6198) 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-23 21:00:30 +01:00
Simon Smith
46ebadf440
fix mac mpkg agent again (#6194) 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-20 12:36:24 +01:00
Simon Smith
482e79f913
fix meshcentral-web-domain translate displaying (#6180) 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-17 09:48:21 +01:00
Simon Smith
0a89d07937
add userSessionsSort for session sorting (#6177) 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-14 09:56:02 +01:00
si458
5950b2c829 make sure to clear flash errors after display to avoid showing again #6154 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-11 20:46:45 +01:00
si458
42a07e9d74 fix passport failureRedirect for subdomain paths 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-11 20:38:09 +01:00
si458
d7341ab153 display flash errors for external auths like saml or oidc on the login screen #6154 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-11 20:06:19 +01:00
si458
6976992735 fix oidc paths with aliasport #6148 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-04 10:26:29 +01:00
si458
c67a76bcc2 fix oidc reauth #6132 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-01 20:31:25 +01:00
si458
62199d8057 fix handleStrategyLogin invalid token/user 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-06-01 17:13:22 +01:00
si458
52a2194116 require connect-flash for oidc #6132 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-05-28 20:00:33 +01:00
si458
26ac23c80d fix web-rdp/web-ssh save creds per user 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-05-24 17:27:22 +01:00
si458
bc6451fee5 migrate groups.enabled in oidc #6104 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-05-21 19:04:43 +01:00
si458
5c13f178be fix oidc sync groups 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-05-21 16:05:00 +01:00
si458
1c8d664962 fix oidc groups.claim undefined 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-05-17 20:01:12 +01:00
Simon Smith
f5891f2946
fix custom public folders for dns domains (#6018) 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-04-12 10:43:06 +01:00
Simon Smith
1da33f0ade
add nice404 to invite and fix invite with dns use #6017 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-04-11 18:51:54 +01:00
Simon Smith
e025e9558b
fix authStrategyFlags using wrong domain (#6015) 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-04-11 17:43:08 +01:00
Ylian Saint-Hilaire
8775b7dcf7 Set login autocomplete to off when set to false in config.json. 2024-03-24 11:03:33 -07:00
si458
4b6da03d2f fix crash caused my oidc merge 
Signed-off-by: si458 <simonsmith5521@gmail.com>
 2024-03-10 11:54:55 +00:00