diff --git a/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml b/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml
index d8171e6a2..97ecd9a16 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Base/Menu/Menu.xml
@@ -86,9 +86,7 @@
-
-
-
+
diff --git a/src/opnsense/mvc/app/models/OPNsense/Core/ACL.php b/src/opnsense/mvc/app/models/OPNsense/Core/ACL.php
index 1532366f7..bfc5294fd 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Core/ACL.php
+++ b/src/opnsense/mvc/app/models/OPNsense/Core/ACL.php
@@ -185,8 +185,8 @@ class ACL
{
/* "." and "?" have no effect on match, but "*" is a wildcard */
$match = str_replace(array('.', '*','?'), array('\.', '.*','\?'), $urlmask);
- /* if pattern ends with '/.*' optionally match for flat URL mask */
- $match = preg_replace('@/\.\*$@', '(/.*)?', $match);
+ /* if pattern ends with special markers also match flat URL mask */
+ $match = preg_replace('@([/&?])\.\*$@', '($1.*)?', $match);
/* remove client side pattern from given URL */
$url = preg_replace('@#.*$@', '', $url);
@@ -291,8 +291,8 @@ class ACL
if ($pattern == "*") {
return "index.php";
} elseif (!empty($pattern)) {
- /* remove wildcard and optional trailing slashes */
- return preg_replace('@/?\*$@', '', $pattern);
+ /* remove wildcard and optional trailing slashes or query symbols */
+ return preg_replace('@[/&?]?\*$@', '', $pattern);
}
break;
}
diff --git a/src/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml b/src/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml
index 03a3930e9..686dbbf19 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Core/ACL/ACL.xml
@@ -427,7 +427,7 @@
System Setup Wizard
- wizard.php?xml=system*
+ wizard.php?xml=system
@@ -798,7 +798,7 @@
VPN: OpenVPN: Server
vpn_openvpn_server.php*
- wizard.php?xml=openvpn*
+ wizard.php?xml=openvpn&*