From 721ec9414546d1968dcaed39e1986b415759d2c5 Mon Sep 17 00:00:00 2001
From: Stan Grishin <stangri@melmac.ca>
Date: Mon, 19 Jan 2026 23:54:50 +0000
Subject: [PATCH] luci-app-https-dns-proxy: update to 2025.12.29-3

status.js:
* update the donate anchor
* replace RPCD call with direct ubus pull of service info for faster
  operation

Overview page include javascript file:
* replace RPCD call with ubus pull

RPCD script:
* remove obsolete getRuntime method
* bugfix: prevent execution of arbitrary code (thanks @iwallplace)

ACL file:
* remove obsolete getRuntime access and add access to service list

Signed-off-by: Stan Grishin <stangri@melmac.ca>
---
 .../luci-app-https-dns-proxy/Makefile         |  2 +-
 .../resources/https-dns-proxy/status.js       | 51 +++++++++----------
 .../view/status/include/71_https-dns-proxy.js |  2 +-
 .../po/templates/https-dns-proxy.pot          | 46 ++++++++---------
 .../usr/libexec/rpcd/luci.https-dns-proxy     | 24 +++------
 .../rpcd/acl.d/luci-app-https-dns-proxy.json  | 19 +++----
 6 files changed, 62 insertions(+), 82 deletions(-)

diff --git a/applications/luci-app-https-dns-proxy/Makefile b/applications/luci-app-https-dns-proxy/Makefile
index dc867abb6b..933f62f0af 100644
--- a/applications/luci-app-https-dns-proxy/Makefile
+++ b/applications/luci-app-https-dns-proxy/Makefile
@@ -7,7 +7,7 @@ PKG_NAME:=luci-app-https-dns-proxy
 PKG_LICENSE:=AGPL-3.0-or-later
 PKG_MAINTAINER:=Stan Grishin <stangri@melmac.ca>
 PKG_VERSION:=2025.12.29
-PKG_RELEASE:=1
+PKG_RELEASE:=3
 
 LUCI_TITLE:=DNS Over HTTPS Proxy Web UI
 LUCI_URL:=https://github.com/stangri/luci-app-https-dns-proxy/
diff --git a/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js b/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js
index da0335746f..64039d9da8 100644
--- a/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js
+++ b/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js
@@ -30,22 +30,22 @@ var pkg = {
 			pkg.Name +
 			"/" +
 			(pkg.ReadmeCompat ? pkg.ReadmeCompat + "/" : "") +
-			"#Donate"
+			"#donate"
 		);
 	},
 	templateToRegexp: function (template) {
 		if (template)
 			return new RegExp(
 				"^" +
-					template
-						.split(/(\{\w+\})/g)
-						.map((part) => {
-							let placeholder = part.match(/^\{(\w+)\}$/);
-							if (placeholder) return `(?<${placeholder[1]}>.*?)`;
-							else return part.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
-						})
-						.join("") +
-					"$"
+				template
+					.split(/(\{\w+\})/g)
+					.map((part) => {
+						let placeholder = part.match(/^\{(\w+)\}$/);
+						if (placeholder) return `(?<${placeholder[1]}>.*?)`;
+						else return part.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+					})
+					.join("") +
+				"$"
 			);
 		return new RegExp("");
 	},
@@ -79,10 +79,10 @@ const getProviders = rpc.declare({
 	params: ["name"],
 });
 
-const getRuntime = rpc.declare({
-	object: "luci." + pkg.Name,
-	method: "getRuntime",
-	params: ["name"],
+const getServiceInfo = rpc.declare({
+	object: "service",
+	method: "list",
+	params: ["name", "verbose"],
 });
 
 const _setInitAction = rpc.declare({
@@ -138,10 +138,10 @@ var RPC = {
 			}.bind(this)
 		);
 	},
-	getRuntime: function (name) {
-		getRuntime(name).then(
+	getServiceInfo: function (name, verbose) {
+		getServiceInfo(name, verbose).then(
 			function (result) {
-				this.emit("getRuntime", result);
+				this.emit("getServiceInfo", result);
 			}.bind(this)
 		);
 	},
@@ -159,7 +159,7 @@ var status = baseclass.extend({
 		return Promise.all([
 			L.resolveDefault(getInitStatus(pkg.Name), {}),
 			L.resolveDefault(getProviders(pkg.Name), {}),
-			L.resolveDefault(getRuntime(pkg.Name), {}),
+			L.resolveDefault(getServiceInfo(pkg.Name, true), {}),
 		]).then(function (data) {
 			var text;
 			var reply = {
@@ -170,9 +170,8 @@ var status = baseclass.extend({
 					version: null,
 				},
 				providers: (data[1] && data[1][pkg.Name]) || [{ title: "empty" }],
-				runtime: (data[2] && data[2][pkg.Name]) || {
-					instances: null,
-					triggers: [],
+				ubus: (data[2] && data[2][pkg.Name]) || {
+					instances: {},
 				},
 			};
 			reply.providers.sort(function (a, b) {
@@ -220,7 +219,7 @@ var status = baseclass.extend({
 			]);
 
 			var instancesDiv = [];
-			if (reply.runtime.instances) {
+			if (reply.ubus.instances && Object.keys(reply.ubus.instances).length > 0) {
 				var instancesTitle = E(
 					"label",
 					{ class: "cbi-value-title" },
@@ -228,14 +227,14 @@ var status = baseclass.extend({
 				);
 				text = _("See the %sREADME%s for details.").format(
 					'<a href="' +
-						pkg.URL +
-						'#a-word-about-default-routing " target="_blank">',
+					pkg.URL +
+					'#a-word-about-default-routing " target="_blank">',
 					"</a>"
 				);
 				var instancesDescr = E("div", { class: "cbi-value-description" }, "");
 
 				text = "";
-				Object.values(reply.runtime.instances).forEach((element) => {
+				Object.values(reply.ubus.instances).forEach((element) => {
 					var resolver;
 					var address;
 					var port;
@@ -464,5 +463,5 @@ return L.Class.extend({
 	getInitStatus: getInitStatus,
 	getPlatformSupport: getPlatformSupport,
 	getProviders: getProviders,
-	getRuntime: getRuntime,
+	getServiceInfo: getServiceInfo,
 });
diff --git a/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/view/status/include/71_https-dns-proxy.js b/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/view/status/include/71_https-dns-proxy.js
index f1bb8cadb0..9d10fa986d 100644
--- a/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/view/status/include/71_https-dns-proxy.js
+++ b/applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/view/status/include/71_https-dns-proxy.js
@@ -14,7 +14,7 @@ return baseclass.extend({
 		return Promise.all([
 			hdp.getInitStatus(pkg.Name),
 			hdp.getProviders(pkg.Name),
-			hdp.getRuntime(pkg.Name),
+			hdp.getServiceInfo(pkg.Name),
 		]);
 	},
 
diff --git a/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot b/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot
index 9905aa0332..dac60633c9 100644
--- a/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot
+++ b/applications/luci-app-https-dns-proxy/po/templates/https-dns-proxy.pot
@@ -1,11 +1,11 @@
 msgid ""
 msgstr "Content-Type: text/plain; charset=UTF-8"
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:284
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:283
 msgid "%s%s%s proxy at %s on port %s.%s"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:276
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:275
 msgid "%s%s%s proxy on port %s.%s"
 msgstr ""
 
@@ -205,11 +205,11 @@ msgstr ""
 msgid "Direct"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:408
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:407
 msgid "Disable"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:402
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:401
 msgid "Disabling %s service"
 msgstr ""
 
@@ -225,11 +225,11 @@ msgstr ""
 msgid "DoH DNS (SB)"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:389
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:388
 msgid "Enable"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:383
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:382
 msgid "Enabling %s service"
 msgstr ""
 
@@ -263,7 +263,7 @@ msgstr ""
 msgid "Force DNS Ports"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:197
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:196
 msgid "Force DNS ports:"
 msgstr ""
 
@@ -326,7 +326,7 @@ msgstr ""
 msgid "HTTPS DNS Proxy - Instances"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:187
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:186
 msgid "HTTPS DNS Proxy - Status"
 msgstr ""
 
@@ -461,7 +461,7 @@ msgstr ""
 msgid "Norway"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:213
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:212
 msgid "Not installed or not found"
 msgstr ""
 
@@ -486,7 +486,7 @@ msgstr ""
 msgid "Parameter"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:295
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:294
 msgid "Please %sdonate%s to support development of this project."
 msgstr ""
 
@@ -546,11 +546,11 @@ msgstr ""
 msgid "Quad 9"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:351
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:350
 msgid "Restart"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:345
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:344
 msgid "Restarting %s service"
 msgstr ""
 
@@ -593,7 +593,7 @@ msgstr ""
 msgid "Security Filter"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:229
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:228
 msgid "See the %sREADME%s for details."
 msgstr ""
 
@@ -601,11 +601,11 @@ msgstr ""
 msgid "Select the DNSMASQ Configs to update"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:434
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:433
 msgid "Service Control"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:227
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:226
 msgid "Service Instances"
 msgstr ""
 
@@ -613,7 +613,7 @@ msgstr ""
 msgid "Service Options"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:191
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:190
 msgid "Service Status"
 msgstr ""
 
@@ -647,11 +647,11 @@ msgstr ""
 msgid "Standard"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:332
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:331
 msgid "Start"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:326
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:325
 msgid "Starting %s service"
 msgstr ""
 
@@ -660,11 +660,11 @@ msgstr ""
 msgid "Statistic Interval"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:370
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:369
 msgid "Stop"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:364
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:363
 msgid "Stopping %s service"
 msgstr ""
 
@@ -783,15 +783,15 @@ msgstr ""
 msgid "Variant"
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:195
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:194
 msgid "Version %s - Running."
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:207
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:206
 msgid "Version %s - Stopped (Disabled)."
 msgstr ""
 
-#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:205
+#: applications/luci-app-https-dns-proxy/htdocs/luci-static/resources/https-dns-proxy/status.js:204
 msgid "Version %s - Stopped."
 msgstr ""
 
diff --git a/applications/luci-app-https-dns-proxy/root/usr/libexec/rpcd/luci.https-dns-proxy b/applications/luci-app-https-dns-proxy/root/usr/libexec/rpcd/luci.https-dns-proxy
index 710a0f3b47..2887f0c73c 100755
--- a/applications/luci-app-https-dns-proxy/root/usr/libexec/rpcd/luci.https-dns-proxy
+++ b/applications/luci-app-https-dns-proxy/root/usr/libexec/rpcd/luci.https-dns-proxy
@@ -9,7 +9,6 @@
 # ubus -S call luci.https-dns-proxy getInitStatus '{"name": "https-dns-proxy" }'
 # ubus -S call luci.https-dns-proxy getPlatformSupport '{"name": "https-dns-proxy" }'
 # ubus -S call luci.https-dns-proxy getProviders '{"name": "https-dns-proxy" }'
-# ubus -S call luci.https-dns-proxy getRuntime '{"name": "https-dns-proxy" }'
 
 readonly packageName="https-dns-proxy"
 readonly providersDir="/usr/share/${packageName}/providers"
@@ -112,19 +111,18 @@ get_providers() {
 	echo ']}'
 }
 
-get_runtime() { ubus call service list "{ 'verbose': true, 'name': '$1' }"; }
-
 set_init_action() {
-	local name="$1" action="$2" cmd
-	case $action in
+	local action="$2" cmd
+	[ "$(basename "$1")" = "$packageName" ] || { print_json_bool 'result' '0'; return 1; }
+		case $action in
 		enable|disable|start|stop|restart)
-			cmd="/etc/init.d/${name} ${action}"
+			cmd="/etc/init.d/${packageName} ${action}"
 		;;
 	esac
 	if [ -n "$cmd" ] && eval "$cmd" >/dev/null 2>&1; then
-		print_json_bool "result" '1'
+		print_json_bool 'result' '1'
 	else
-		print_json_bool "result" '0'
+		print_json_bool 'result' '0'
 	fi
 }
 
@@ -143,9 +141,6 @@ case "$1" in
 		json_add_object "getProviders"
 			json_add_string 'name' "name"
 		json_close_object
-		json_add_object "getRuntime"
-			json_add_string 'name' "name"
-		json_close_object
 		json_add_object "setInitAction"
 			json_add_string 'name' "name"
 			json_add_string 'action' "action"
@@ -183,13 +178,6 @@ case "$1" in
 				json_cleanup
 				get_providers "$name"
 				;;
-			getRuntime)
-				read -r input
-				json_load "$input"
-				json_get_var name "name"
-				json_cleanup
-				get_runtime "$name"
-				;;
 			setInitAction)
 				read -r input
 				json_load "$input"
diff --git a/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json b/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json
index 6603d3596a..303031257d 100644
--- a/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json
+++ b/applications/luci-app-https-dns-proxy/root/usr/share/rpcd/acl.d/luci-app-https-dns-proxy.json
@@ -7,23 +7,16 @@
 					"getInitList",
 					"getInitStatus",
 					"getPlatformSupport",
-					"getProviders",
-					"getRuntime"
-				]
+					"getProviders"
+				],
+				"service": ["list"]
 			},
-			"uci": [
-				"dhcp",
-				"https-dns-proxy"
-			]
+			"uci": ["dhcp", "https-dns-proxy"]
 		},
 		"write": {
-			"uci": [
-				"https-dns-proxy"
-			],
+			"uci": ["https-dns-proxy"],
 			"ubus": {
-				"luci.https-dns-proxy": [
-					"setInitAction"
-				]
+				"luci.https-dns-proxy": ["setInitAction"]
 			}
 		}
 	}