Hello Erik, Yes, thank you. That looks good to me.
-Michael > On 22 Oct 2025, at 19:02, ummeegge <[email protected]> wrote: > > Hi Michael, > hope version 2 fits the needs. > > Best, > > Erik > > Am Mittwoch, dem 22.10.2025 um 11:17 +0100 schrieb Michael Tremer: >> Hello Erik, >> >> Thank you for your patch. >> >> I cannot quite merge this because the patch changes behaviour so that >> the browser could write arbitrary values into the configuration file >> without further sanitisation. To fix this, we must check if >> $cgiparams{'IEEE80211W’} contains one of three possible values. >> >> Would you like to update this patch accordingly? >> >> -Michael >> >>> On 17 Oct 2025, at 10:42, ummeegge <[email protected]> wrote: >>> >>> Original ternary ignored 'optional' and forced 'off'. >>> Use defined-or (//) to preserve all select values. >>> >>> Signed-off-by: ummeegge <[email protected]> >>> --- >>> html/cgi-bin/wlanap.cgi | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi >>> index 600ddc489..afdba59b3 100644 >>> --- a/html/cgi-bin/wlanap.cgi >>> +++ b/html/cgi-bin/wlanap.cgi >>> @@ -118,7 +118,7 @@ if ($cgiparams{'ACTION'} eq >>> "$Lang::tr{'save'}") { >>> $wlanapsettings{'NOSCAN'} = ($cgiparams{'NOSCAN'} eq 'on') ? 'on' : >>> 'off'; >>> $wlanapsettings{'ENC'} = $cgiparams{'ENC'}; >>> $wlanapsettings{'PWD'} = $cgiparams{'PWD'}; >>> - $wlanapsettings{'IEEE80211W'} = ($cgiparams{'IEEE80211W'} eq >>> 'on') ? 'on' : 'off'; >>> + $wlanapsettings{'IEEE80211W'} = $cgiparams{'IEEE80211W'} // >>> 'off'; >>> $wlanapsettings{'TX_POWER'} = $cgiparams{'TX_POWER'}; >>> >>> if ($errormessage eq '') { >>> -- >>> 2.47.2 >>> >>> >
