From 25e774ca7990e3786de650c10fc8b169d1dc32c5 Mon Sep 17 00:00:00 2001 From: Alicia Sykes Date: Sun, 14 Apr 2024 20:50:03 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20Enables=20sensetive=20data=20to?= =?UTF-8?q?=20be=20passed=20by=20env=20var?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/components/Widgets/AdGuardDnsInfo.vue | 6 ++++-- src/components/Widgets/AdGuardFilterStatus.vue | 6 ++++-- src/components/Widgets/AdGuardStats.vue | 6 ++++-- src/components/Widgets/AdGuardTopDomains.vue | 6 ++++-- src/components/Widgets/AnonAddy.vue | 4 ++-- src/components/Widgets/BlacklistCheck.vue | 2 +- src/components/Widgets/CodeStats.vue | 4 ++-- src/components/Widgets/DomainMonitor.vue | 4 ++-- src/components/Widgets/DroneCi.vue | 2 +- src/components/Widgets/ExchangeRates.vue | 2 +- src/components/Widgets/Flights.vue | 2 +- src/components/Widgets/GluetunStatus.vue | 2 +- src/components/Widgets/HealthChecks.vue | 2 +- src/components/Widgets/Linkding.vue | 4 ++-- src/components/Widgets/NewsHeadlines.vue | 2 +- src/components/Widgets/NextcloudNotifications.vue | 2 +- src/components/Widgets/NextcloudStats.vue | 2 +- src/components/Widgets/Proxmox.vue | 10 +++++----- src/components/Widgets/PublicIp.vue | 2 +- src/components/Widgets/RssFeed.vue | 2 +- src/components/Widgets/SportsScores.vue | 2 +- src/components/Widgets/StockPriceChart.vue | 2 +- src/components/Widgets/SynologyDownload.vue | 6 +++--- src/components/Widgets/UptimeKuma.vue | 8 ++------ src/components/Widgets/WalletBalance.vue | 2 +- src/components/Widgets/Weather.vue | 13 ++++++------- 26 files changed, 54 insertions(+), 51 deletions(-) diff --git a/src/components/Widgets/AdGuardDnsInfo.vue b/src/components/Widgets/AdGuardDnsInfo.vue index a1b1fcb8..beb18725 100644 --- a/src/components/Widgets/AdGuardDnsInfo.vue +++ b/src/components/Widgets/AdGuardDnsInfo.vue @@ -26,7 +26,7 @@ export default { /* URL/ IP or hostname to the AdGuardHome instance, without trailing slash */ hostname() { if (!this.options.hostname) this.error('You must specify the path to your AdGuard server'); - return this.options.hostname; + return this.parseAsEnvVar(this.options.hostname); }, showFullInfo() { return this.options.showFullInfo; @@ -39,7 +39,9 @@ export default { }, authHeaders() { if (this.options.username && this.options.password) { - const encoded = window.btoa(`${this.options.username}:${this.options.password}`); + const password = this.parseAsEnvVar(this.options.password); + const username = this.parseAsEnvVar(this.options.username); + const encoded = window.btoa(`${username}:${password}`); return { Authorization: `Basic ${encoded}` }; } return {}; diff --git a/src/components/Widgets/AdGuardFilterStatus.vue b/src/components/Widgets/AdGuardFilterStatus.vue index bf1899fe..5997086f 100644 --- a/src/components/Widgets/AdGuardFilterStatus.vue +++ b/src/components/Widgets/AdGuardFilterStatus.vue @@ -38,7 +38,7 @@ export default { /* URL/ IP or hostname to the AdGuardHome instance, without trailing slash */ hostname() { if (!this.options.hostname) this.error('You must specify the path to your AdGuard server'); - return this.options.hostname; + return this.parseAsEnvVar(this.options.hostname); }, showOnOffStatusOnly() { return this.options.showOnOffStatusOnly; @@ -48,7 +48,9 @@ export default { }, authHeaders() { if (this.options.username && this.options.password) { - const encoded = window.btoa(`${this.options.username}:${this.options.password}`); + const username = this.parseAsEnvVar(this.options.username); + const password = this.parseAsEnvVar(this.options.password); + const encoded = window.btoa(`${username}:${password}`); return { Authorization: `Basic ${encoded}` }; } return {}; diff --git a/src/components/Widgets/AdGuardStats.vue b/src/components/Widgets/AdGuardStats.vue index f1123546..2c649d30 100644 --- a/src/components/Widgets/AdGuardStats.vue +++ b/src/components/Widgets/AdGuardStats.vue @@ -20,14 +20,16 @@ export default { /* URL/ IP or hostname to the AdGuardHome instance, without trailing slash */ hostname() { if (!this.options.hostname) this.error('You must specify the path to your AdGuard server'); - return this.options.hostname; + return this.parseAsEnvVar(this.options.hostname); }, endpoint() { return `${this.hostname}/control/stats`; }, authHeaders() { if (this.options.username && this.options.password) { - const encoded = window.btoa(`${this.options.username}:${this.options.password}`); + const username = this.parseAsEnvVar(this.options.username); + const password = this.parseAsEnvVar(this.options.password); + const encoded = window.btoa(`${username}:${password}`); return { Authorization: `Basic ${encoded}` }; } return {}; diff --git a/src/components/Widgets/AdGuardTopDomains.vue b/src/components/Widgets/AdGuardTopDomains.vue index d19ff7d7..69759457 100644 --- a/src/components/Widgets/AdGuardTopDomains.vue +++ b/src/components/Widgets/AdGuardTopDomains.vue @@ -36,11 +36,13 @@ export default { /* URL/ IP or hostname to the AdGuardHome instance, without trailing slash */ hostname() { if (!this.options.hostname) this.error('You must specify the path to your AdGuard server'); - return this.options.hostname; + return this.parseAsEnvVar(this.options.hostname); }, authHeaders() { if (this.options.username && this.options.password) { - const encoded = window.btoa(`${this.options.username}:${this.options.password}`); + const username = this.parseAsEnvVar(this.options.username); + const password = this.parseAsEnvVar(this.options.password); + const encoded = window.btoa(`${username}:${password}`); return { Authorization: `Basic ${encoded}` }; } return {}; diff --git a/src/components/Widgets/AnonAddy.vue b/src/components/Widgets/AnonAddy.vue index 0e466c05..eb5d4d6c 100644 --- a/src/components/Widgets/AnonAddy.vue +++ b/src/components/Widgets/AnonAddy.vue @@ -113,7 +113,7 @@ export default { }, computed: { hostname() { - return this.options.hostname || widgetApiEndpoints.anonAddy; + return this.parseAsEnvVar(this.options.hostname) || widgetApiEndpoints.anonAddy; }, apiVersion() { return this.options.apiVersion || 'v1'; @@ -132,7 +132,7 @@ export default { }, apiKey() { if (!this.options.apiKey) this.error('An apiKey is required'); - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, hideMeta() { return this.options.hideMeta; diff --git a/src/components/Widgets/BlacklistCheck.vue b/src/components/Widgets/BlacklistCheck.vue index ad5975b9..7fee0094 100644 --- a/src/components/Widgets/BlacklistCheck.vue +++ b/src/components/Widgets/BlacklistCheck.vue @@ -35,7 +35,7 @@ export default { }, apiKey() { if (!this.options.apiKey) this.error('Missing API Key'); - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, endpoint() { return `${widgetApiEndpoints.blacklistCheck}/${this.ipAddress}`; diff --git a/src/components/Widgets/CodeStats.vue b/src/components/Widgets/CodeStats.vue index 61c3ae69..29be3b19 100644 --- a/src/components/Widgets/CodeStats.vue +++ b/src/components/Widgets/CodeStats.vue @@ -38,12 +38,12 @@ export default { /* The username to fetch data from - REQUIRED */ username() { if (!this.options.username) this.error('You must specify a username'); - return this.options.username; + return this.parseAsEnvVar(this.options.username); }, /* Optionally override hostname, if using a self-hosted instance */ hostname() { if (this.options.hostname) return this.options.hostname; - return widgetApiEndpoints.codeStats; + return this.parseAsEnvVar(widgetApiEndpoints.codeStats); }, hideMeta() { return this.options.hideMeta || false; diff --git a/src/components/Widgets/DomainMonitor.vue b/src/components/Widgets/DomainMonitor.vue index 90d6c8ae..274d84fc 100644 --- a/src/components/Widgets/DomainMonitor.vue +++ b/src/components/Widgets/DomainMonitor.vue @@ -63,11 +63,11 @@ export default { computed: { apiKey() { if (!this.options.apiKey) this.error('Missing API Key'); - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, domain() { if (!this.options.domain) this.error('Missing Domain Name Key'); - return this.options.domain; + return this.parseAsEnvVar(this.options.domain); }, endpoint() { return `${widgetApiEndpoints.domainMonitor}/?domain=${this.domain}&r=whois&apikey=${this.apiKey}`; diff --git a/src/components/Widgets/DroneCi.vue b/src/components/Widgets/DroneCi.vue index 8ffb4e84..b80a792d 100644 --- a/src/components/Widgets/DroneCi.vue +++ b/src/components/Widgets/DroneCi.vue @@ -106,7 +106,7 @@ export default { if (!this.options.apiKey) { this.error('An API key is required, please see the docs for more info'); } - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, }, methods: { diff --git a/src/components/Widgets/ExchangeRates.vue b/src/components/Widgets/ExchangeRates.vue index 1c68dc14..294747a3 100644 --- a/src/components/Widgets/ExchangeRates.vue +++ b/src/components/Widgets/ExchangeRates.vue @@ -45,7 +45,7 @@ export default { computed: { /* The users API key for exchangerate-api.com */ apiKey() { - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, /* The currency to convert results into */ inputCurrency() { diff --git a/src/components/Widgets/Flights.vue b/src/components/Widgets/Flights.vue index 40adc857..f292317f 100644 --- a/src/components/Widgets/Flights.vue +++ b/src/components/Widgets/Flights.vue @@ -71,7 +71,7 @@ export default { this.error('An API key must be supplied'); return ''; } - return usersChoice; + return this.parseAsEnvVar(usersChoice); }, /* The direction of flights: Arrival, Departure or Both */ direction() { diff --git a/src/components/Widgets/GluetunStatus.vue b/src/components/Widgets/GluetunStatus.vue index c07e96e2..f178dffe 100644 --- a/src/components/Widgets/GluetunStatus.vue +++ b/src/components/Widgets/GluetunStatus.vue @@ -58,7 +58,7 @@ export default { }, hostname() { if (!this.options.hostname) this.error('`hostname` is required'); - return this.options.hostname; + return this.parseAsEnvVar(this.options.hostname); }, }, methods: { diff --git a/src/components/Widgets/HealthChecks.vue b/src/components/Widgets/HealthChecks.vue index 2ef02823..964fbff7 100644 --- a/src/components/Widgets/HealthChecks.vue +++ b/src/components/Widgets/HealthChecks.vue @@ -56,7 +56,7 @@ export default { this.error('An API key is required, please see the docs for more info'); } if (typeof this.options.apiKey === 'string') { - return [this.options.apiKey]; + return [this.parseAsEnvVar(this.options.apiKey)]; } return this.options.apiKey; }, diff --git a/src/components/Widgets/Linkding.vue b/src/components/Widgets/Linkding.vue index 188fe9f2..0c2e26ec 100644 --- a/src/components/Widgets/Linkding.vue +++ b/src/components/Widgets/Linkding.vue @@ -30,11 +30,11 @@ export default { computed: { endpoint() { if (!this.options.host) this.error('linkgding Host is required'); - return `${this.options.host}/api/bookmarks`; + return `${this.parseAsEnvVar(this.options.host)}/api/bookmarks`; }, apiKey() { if (!this.options.apiKey) this.error('linkgding apiKey is required'); - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, filtertags() { return this.options.tags; diff --git a/src/components/Widgets/NewsHeadlines.vue b/src/components/Widgets/NewsHeadlines.vue index d467c70c..9d6df019 100644 --- a/src/components/Widgets/NewsHeadlines.vue +++ b/src/components/Widgets/NewsHeadlines.vue @@ -29,7 +29,7 @@ export default { computed: { apiKey() { if (!this.options.apiKey) this.error('An API key is required, see docs for more info'); - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, country() { return this.options.country ? `&country=${this.options.country}` : ''; diff --git a/src/components/Widgets/NextcloudNotifications.vue b/src/components/Widgets/NextcloudNotifications.vue index dd1d4f34..62802f2e 100644 --- a/src/components/Widgets/NextcloudNotifications.vue +++ b/src/components/Widgets/NextcloudNotifications.vue @@ -22,7 +22,7 @@ {{ tt('delete-notification') }} + class="action secondary">{{ tt('delete-notification') }}

diff --git a/src/components/Widgets/NextcloudStats.vue b/src/components/Widgets/NextcloudStats.vue index 8860434f..12e5d1fe 100644 --- a/src/components/Widgets/NextcloudStats.vue +++ b/src/components/Widgets/NextcloudStats.vue @@ -44,7 +44,7 @@ {{ tt('local') }} {{ tt('and') }} + + shares.num_fed_shares_received)"> {{ tt('federated-shares') }} diff --git a/src/components/Widgets/Proxmox.vue b/src/components/Widgets/Proxmox.vue index 5ae09fcc..c24724af 100644 --- a/src/components/Widgets/Proxmox.vue +++ b/src/components/Widgets/Proxmox.vue @@ -34,22 +34,22 @@ export default { computed: { clusterUrl() { if (!this.options.cluster_url) this.error('The cluster URL is required.'); - return this.options.cluster_url || ''; + return this.parseAsEnvVar(this.options.cluster_url) || ''; }, userName() { if (!this.options.user_name) this.error('The user name is required.'); - return this.options.user_name || ''; + return this.parseAsEnvVar(this.options.user_name) || ''; }, tokenName() { if (!this.options.token_name) this.error('The token name is required.'); - return this.options.token_name || ''; + return this.parseAsEnvVar(this.options.token_name) || ''; }, tokenUuid() { if (!this.options.token_uuid) this.error('The token uuid is required.'); - return this.options.token_uuid || ''; + return this.parseAsEnvVar(this.options.token_uuid) || ''; }, node() { - return this.options.node || ''; + return this.parseAsEnvVar(this.options.node) || ''; }, nodeData() { return this.options.node_data || false; diff --git a/src/components/Widgets/PublicIp.vue b/src/components/Widgets/PublicIp.vue index 86cd0032..8a188974 100644 --- a/src/components/Widgets/PublicIp.vue +++ b/src/components/Widgets/PublicIp.vue @@ -35,7 +35,7 @@ export default { }, provider() { // Can be either `ip-api`, `ipapi.co` or `ipgeolocation` - return this.options.provider || 'ipapi.co'; + return this.parseAsEnvVar(this.options.provider) || 'ipapi.co'; }, }, data() { diff --git a/src/components/Widgets/RssFeed.vue b/src/components/Widgets/RssFeed.vue index de9857aa..f958f603 100644 --- a/src/components/Widgets/RssFeed.vue +++ b/src/components/Widgets/RssFeed.vue @@ -51,7 +51,7 @@ export default { return this.options.rssUrl || ''; }, apiKey() { - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, parseLocally() { return this.options.parseLocally; diff --git a/src/components/Widgets/SportsScores.vue b/src/components/Widgets/SportsScores.vue index 2046e01c..6eadc536 100644 --- a/src/components/Widgets/SportsScores.vue +++ b/src/components/Widgets/SportsScores.vue @@ -93,7 +93,7 @@ export default { return this.options.leagueId; }, apiKey() { - return this.options.apiKey || '50130162'; + return this.parseAsEnvVar(this.options.apiKey) || '50130162'; }, limit() { return this.options.limit || 20; diff --git a/src/components/Widgets/StockPriceChart.vue b/src/components/Widgets/StockPriceChart.vue index 68eec186..d8fb35bf 100644 --- a/src/components/Widgets/StockPriceChart.vue +++ b/src/components/Widgets/StockPriceChart.vue @@ -29,7 +29,7 @@ export default { }, /* The users API key for AlphaVantage */ apiKey() { - return this.options.apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, /* The formatted GET request API endpoint to fetch stock data from */ endpoint() { diff --git a/src/components/Widgets/SynologyDownload.vue b/src/components/Widgets/SynologyDownload.vue index aa82089e..fe2fcaa9 100644 --- a/src/components/Widgets/SynologyDownload.vue +++ b/src/components/Widgets/SynologyDownload.vue @@ -45,15 +45,15 @@ export default { computed: { hostname() { if (!this.options.hostname) this.error('A hostname is required'); - return this.options.hostname; + return this.parseAsEnvVar(this.options.hostname); }, username() { if (!this.options.username) this.error('A username is required'); - return this.options.username; + return this.parseAsEnvVar(this.options.username); }, password() { if (!this.options.password) this.error('A password is required'); - return this.options.password; + return this.parseAsEnvVar(this.options.password); }, endpointLogin() { return `${this.hostname}/webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=${this.username}&passwd=${this.password}&session=DownloadStation&format=sid`; diff --git a/src/components/Widgets/UptimeKuma.vue b/src/components/Widgets/UptimeKuma.vue index b58c1d08..b342b767 100644 --- a/src/components/Widgets/UptimeKuma.vue +++ b/src/components/Widgets/UptimeKuma.vue @@ -52,15 +52,11 @@ export default { computed: { /* Get API key for access to instance */ apiKey() { - const { apiKey } = this.options; - - return apiKey; + return this.parseAsEnvVar(this.options.apiKey); }, /* Get instance URL */ url() { - const { url } = this.options; - - return url; + return this.parseAsEnvVar(this.options.url); }, /* Create authorisation header for the instance from the apiKey */ authHeaders() { diff --git a/src/components/Widgets/WalletBalance.vue b/src/components/Widgets/WalletBalance.vue index 923ae8f9..c2d6dc74 100644 --- a/src/components/Widgets/WalletBalance.vue +++ b/src/components/Widgets/WalletBalance.vue @@ -53,7 +53,7 @@ export default { }, address() { if (!this.options.address) this.error('You must specify a public address'); - return this.options.address; + return this.parseAsEnvVar(this.options.address); }, network() { return this.options.network || 'main'; diff --git a/src/components/Widgets/Weather.vue b/src/components/Widgets/Weather.vue index a72a0dde..11b164dd 100644 --- a/src/components/Widgets/Weather.vue +++ b/src/components/Widgets/Weather.vue @@ -46,13 +46,12 @@ export default { return this.options.units || 'metric'; }, endpoint() { - const { - apiKey, city, lat, lon, - } = this.options; - if (lat && lon) { - return `${widgetApiEndpoints.weather}?lat=${lat}&lon=${lon}&appid=${apiKey}&units=${this.units}`; - } - return `${widgetApiEndpoints.weather}?q=${city}&appid=${apiKey}&units=${this.units}`; + const apiKey = this.parseAsEnvVar(this.options.apiKey); + const { city, lat, lon } = this.options; + const params = (lat && lon) + ? `lat=${lat}&lon=${lon}&appid=${apiKey}&units=${this.units}` + : `q=${city}&appid=${apiKey}&units=${this.units}`; + return `${widgetApiEndpoints.weather}?${params}`; }, tempDisplayUnits() { switch (this.units) {