From d2701f79555fe7c98381b66ff98c45a26b82054c Mon Sep 17 00:00:00 2001 From: DL6ER Date: Thu, 12 Oct 2023 18:04:30 +0200 Subject: [PATCH] We should not use JSON.stringify() but leave escaping to AJAX itself Signed-off-by: DL6ER --- scripts/pi-hole/js/footer.js | 5 +++-- scripts/pi-hole/js/groups-adlists.js | 6 +++--- scripts/pi-hole/js/groups-clients.js | 6 +++--- scripts/pi-hole/js/groups-domains.js | 8 ++++---- scripts/pi-hole/js/groups.js | 8 ++++---- scripts/pi-hole/js/login.js | 3 ++- scripts/pi-hole/js/settings-api.js | 3 ++- scripts/pi-hole/js/settings.js | 3 ++- scripts/pi-hole/js/utils.js | 4 ++-- 9 files changed, 25 insertions(+), 21 deletions(-) diff --git a/scripts/pi-hole/js/footer.js b/scripts/pi-hole/js/footer.js index 4fd4050af..7ad174dff 100644 --- a/scripts/pi-hole/js/footer.js +++ b/scripts/pi-hole/js/footer.js @@ -119,10 +119,11 @@ function piholeChange(action, duration) { $.ajax({ url: "/api/dns/blocking", method: "POST", - data: JSON.stringify({ + dataType: "json", + data: { blocking: action === "enable", timer: parseInt(duration, 10) > 0 ? parseInt(duration, 10) : null, - }), + }, }) .done(function (data) { if (data.blocking === action + "d") { diff --git a/scripts/pi-hole/js/groups-adlists.js b/scripts/pi-hole/js/groups-adlists.js index 84ff709c2..624972b3c 100644 --- a/scripts/pi-hole/js/groups-adlists.js +++ b/scripts/pi-hole/js/groups-adlists.js @@ -516,7 +516,7 @@ function addAdlist(event) { url: "/api/lists", method: "post", dataType: "json", - data: JSON.stringify({ address: address, comment: comment, type: type }), + data: { address: address, comment: comment, type: type }, success: function () { utils.enableAll(); utils.showAlert("success", "fas fa-plus", "Successfully added " + type + "list", address); @@ -582,12 +582,12 @@ function editAdlist() { url: "/api/lists/" + encodeURIComponent(addressDecoded), method: "put", dataType: "json", - data: JSON.stringify({ + data: { groups: groups, comment: comment, enabled: enabled, type: type, - }), + }, success: function () { utils.enableAll(); utils.showAlert( diff --git a/scripts/pi-hole/js/groups-clients.js b/scripts/pi-hole/js/groups-clients.js index 843be7b97..6a7aecefa 100644 --- a/scripts/pi-hole/js/groups-clients.js +++ b/scripts/pi-hole/js/groups-clients.js @@ -440,7 +440,7 @@ function addClient() { url: "/api/clients", method: "post", dataType: "json", - data: JSON.stringify({ client: ip, comment: comment }), + data: { client: ip, comment: comment }, success: function () { utils.enableAll(); utils.showAlert("success", "fas fa-plus", "Successfully added client", ip); @@ -495,12 +495,12 @@ function editClient() { url: "/api/clients/" + encodeURIComponent(clientDecoded), method: "put", dataType: "json", - data: JSON.stringify({ + data: { client: client, groups: groups, comment: comment, enabled: enabled, - }), + }, success: function () { utils.enableAll(); utils.showAlert( diff --git a/scripts/pi-hole/js/groups-domains.js b/scripts/pi-hole/js/groups-domains.js index 1429a95a1..8158caf88 100644 --- a/scripts/pi-hole/js/groups-domains.js +++ b/scripts/pi-hole/js/groups-domains.js @@ -527,12 +527,12 @@ function addDomain() { url: "/api/domains/" + type + "/" + kind, method: "post", dataType: "json", - data: JSON.stringify({ + data: { domain: domain, comment: comment, type: type, kind: kind, - }), + }, success: function () { utils.enableAll(); utils.showAlert("success", "fas fa-plus", "Successfully added domain", domain); @@ -609,13 +609,13 @@ function editDomain() { url: "/api/domains/" + newTypestr + "/" + encodeURIComponent(domainDecoded), method: "put", dataType: "json", - data: JSON.stringify({ + data: { groups: groups, comment: comment, enabled: enabled, type: oldType, kind: oldKind, - }), + }, success: function () { utils.enableAll(); utils.showAlert( diff --git a/scripts/pi-hole/js/groups.js b/scripts/pi-hole/js/groups.js index 0beab5baf..5e8f99303 100644 --- a/scripts/pi-hole/js/groups.js +++ b/scripts/pi-hole/js/groups.js @@ -294,11 +294,11 @@ function addGroup() { url: "/api/groups", method: "post", dataType: "json", - data: JSON.stringify({ + data: { name: name, comment: comment, enabled: true, - }), + }, success: function () { utils.enableAll(); utils.showAlert("success", "fas fa-plus", "Successfully added group", name); @@ -360,11 +360,11 @@ function editGroup() { url: "/api/groups/" + oldName, method: "put", dataType: "json", - data: JSON.stringify({ + data: { name: name, comment: comment, enabled: enabled, - }), + }, success: function () { utils.enableAll(); utils.showAlert("success", "fas fa-pencil-alt", "Successfully " + done + " group", oldName); diff --git a/scripts/pi-hole/js/login.js b/scripts/pi-hole/js/login.js index 3f4028413..4dc518f47 100644 --- a/scripts/pi-hole/js/login.js +++ b/scripts/pi-hole/js/login.js @@ -60,7 +60,8 @@ function doLogin(password) { $.ajax({ url: "/api/auth", method: "POST", - data: JSON.stringify({ password: password, totp: parseInt($("#totp").val(), 10) }), + dataType: "json", + data: { password: password, totp: parseInt($("#totp").val(), 10) }, }) .done(function () { wrongPassword(false, true); diff --git a/scripts/pi-hole/js/settings-api.js b/scripts/pi-hole/js/settings-api.js index b0e4fea21..6bb17f678 100644 --- a/scripts/pi-hole/js/settings-api.js +++ b/scripts/pi-hole/js/settings-api.js @@ -318,7 +318,8 @@ function setTOTPSecret(secret) { $.ajax({ url: "/api/config", type: "PATCH", - data: JSON.stringify({ config: { webserver: { api: { totp_secret: secret } } } }), + dataType: "json", + data: { config: { webserver: { api: { totp_secret: secret } } } }, contentType: "application/json", }) .done(function () { diff --git a/scripts/pi-hole/js/settings.js b/scripts/pi-hole/js/settings.js index 6922cdbb5..b7ef7265e 100644 --- a/scripts/pi-hole/js/settings.js +++ b/scripts/pi-hole/js/settings.js @@ -137,7 +137,8 @@ function saveSettings() { $.ajax({ url: "/api/config", method: "PATCH", - data: JSON.stringify({ config: settings }), + dataType: "json", + data: { config: settings }, contentType: "application/json; charset=utf-8", }) .done(function () { diff --git a/scripts/pi-hole/js/utils.js b/scripts/pi-hole/js/utils.js index cbeb63041..530725ab0 100644 --- a/scripts/pi-hole/js/utils.js +++ b/scripts/pi-hole/js/utils.js @@ -315,12 +315,12 @@ function addFromQueryLog(domain, list) { url: "/api/domains/" + list + "/exact", method: "post", dataType: "json", - data: JSON.stringify({ + data: { domain: domain, comment: "Added from Query Log", type: list, kind: "exact", - }), + }, success: function (response) { alProcessing.hide(); if ("domains" in response && response.domains.length > 0) {