From 3640651507fcc6b59a0de629aac7a067151da825 Mon Sep 17 00:00:00 2001
From: AnanthaC <anantha_chelladurai@comcast.com>
Date: Thu, 30 Oct 2025 07:45:42 +0000
Subject: [PATCH 1/5] RDKB-62246 : Harden WebUI Login - Exclude sky dev

Reason for change: Excluding changes of RDKB-61864 for sky partner
Test Procedure: Verify the webui login
Risks: Medium

Signed-off-by: AnanthaC <anantha_chelladurai@comcast.com>
---
 source/Styles/xb3/jst/check.jst | 4 ++++
 source/Styles/xb3/jst/index.jst | 8 +++-----
 source/Styles/xb6/jst/index.jst | 8 +++-----
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/source/Styles/xb3/jst/check.jst b/source/Styles/xb3/jst/check.jst
index 07b3650..17bcb75 100644
--- a/source/Styles/xb3/jst/check.jst
+++ b/source/Styles/xb3/jst/check.jst
@@ -360,6 +360,10 @@ else
                 }
                 if($flag==0){
 //                    session_destroy();
+                   $partnersId = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.PartnerId");
+                   if (strpos($partnersId, "sky-") !== false) {
+                       sendError( '<script type="text/javascript"> alert($.i18n("Username or password is incorrect!"));history.back(); </script>');
+                   } else {
                     sendError( '<script type="text/javascript"> alert($.i18n("Authentication failed. The default password is printed on the bottom or back of your router - use this if you haven’t already changed it."));history.back(); </script>');
                 }
             }
diff --git a/source/Styles/xb3/jst/index.jst b/source/Styles/xb3/jst/index.jst
index 1352882..f0bea6c 100644
--- a/source/Styles/xb3/jst/index.jst
+++ b/source/Styles/xb3/jst/index.jst
@@ -389,11 +389,9 @@ if($webuiIsEnabled == "false"){
         <div class="form-btn"  id="login_btn">
                 <input type="submit" class="btn" value="Login" />
         </div>
-        <div class="form-row">
-                <?% if(!$isMSO) { ?>
-                        <p id="index_helptext">Tip: The default password is printed on the bottom or back of your router - use this if you haven’t already changed .</
-                <?% } ?>
-        </div>
+        <?% if((!$isMSO) && (strpos($partnerId, "sky-") === false)){ ?>
+                <p id="index_helptext">Tip: The default password is printed on the bottom or back of your router - use this if you haven’t already changed .</
+        <?% } ?>
 <input type="hidden" name="locale" id="locale" value="<?% echo($locale); ?>">
 </form>
 </div>
diff --git a/source/Styles/xb6/jst/index.jst b/source/Styles/xb6/jst/index.jst
index 14ae36f..a356139 100644
--- a/source/Styles/xb6/jst/index.jst
+++ b/source/Styles/xb6/jst/index.jst
@@ -346,11 +346,9 @@ if($webuiIsEnabled == "false"){
 	<div class="form-btn"  id="login_btn">
 		<input type="submit" class="btn" value="Login" />
 	</div>
-    <div class="form-row">
-                <?% if(!$isMSO) { ?>
-                        <p id="index_helptext">Tip: The default password is printed on the bottom or back of your router - use this if you haven’t already changed .</
-                <?% } ?>
-    </div>
+        <?% if((!$isMSO) && (strpos($partnerId, "sky-") === false)){ ?>
+                <p id="index_helptext">Tip: The default password is printed on the bottom or back of your router - use this if you haven’t already changed .</
+        <?% } ?>
 <input type="hidden" name="locale" id="locale" value="<?% echo($locale); ?>">
 </form>
 </div>

From 156996e277d747340893ff8d0183847662befd9d Mon Sep 17 00:00:00 2001
From: Ananth916 <74174916+Ananth916@users.noreply.github.com>
Date: Mon, 3 Nov 2025 22:32:38 +0530
Subject: [PATCH 2/5] Update check.jst

---
 source/Styles/xb3/jst/check.jst | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/source/Styles/xb3/jst/check.jst b/source/Styles/xb3/jst/check.jst
index 17bcb75..07b3650 100644
--- a/source/Styles/xb3/jst/check.jst
+++ b/source/Styles/xb3/jst/check.jst
@@ -360,10 +360,6 @@ else
                 }
                 if($flag==0){
 //                    session_destroy();
-                   $partnersId = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.PartnerId");
-                   if (strpos($partnersId, "sky-") !== false) {
-                       sendError( '<script type="text/javascript"> alert($.i18n("Username or password is incorrect!"));history.back(); </script>');
-                   } else {
                     sendError( '<script type="text/javascript"> alert($.i18n("Authentication failed. The default password is printed on the bottom or back of your router - use this if you haven’t already changed it."));history.back(); </script>');
                 }
             }

From 6c6a52e2f57cc9103eb5ead5a8596dcfcf84dd2a Mon Sep 17 00:00:00 2001
From: roushan-tel <roushan.s@tataelxsi.co.in>
Date: Wed, 5 Nov 2025 11:33:09 +0530
Subject: [PATCH 3/5] RDKB-61758: Removed MoCA option in GUI in bridge mode.

RDKB-61758: Removed MoCA option in GUI in bridge mode.

Reason for change: MoCA option is displayed in GUI in bridge mode.
Test Procedure: Build and verify in GUI page.
Risks: Low
Priority: P1
---
 source/Styles/xb3/jst/includes/nav.jst | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/source/Styles/xb3/jst/includes/nav.jst b/source/Styles/xb3/jst/includes/nav.jst
index 49eb19f..725f495 100644
--- a/source/Styles/xb3/jst/includes/nav.jst
+++ b/source/Styles/xb3/jst/includes/nav.jst
@@ -91,7 +91,11 @@ if (isset($_SESSION['lanMode']) && $_SESSION["lanMode"] == "bridge-static") {
 	$port_triggering  	= false;
 	$hs_port_forwarding = false;
 	$wizard		 		= false;
-	$MoCA				= true;
+	if (is_moca_supported()) {
+        $MoCA = true;
+	} else {
+        $MoCA = false;
+	}
 	$moca_diagnostics   = false;
 	$wifi_spec_analyzer	= false;
 }

From d3fa4c55d345740805c5ff992608e738671a5c93 Mon Sep 17 00:00:00 2001
From: Abhijeet Viswam <abhijeet_viswam@comcast.com>
Date: Mon, 22 Sep 2025 10:43:02 +0000
Subject: [PATCH 4/5] RDKB-61788 : Input elements blocked in WebUI can be
 bypassed in HCM mode

RDKB-61788 : Input elements blocked in WebUI can be bypassed in HCM mode

Reason for change: Added checks in ajax to prevent updates wireless
                   config updates when in HCM mode.
Test Procedure: Refer ticket

Change-Id: If683533a99d3f0f50d6b77a9b95a82c53bb6c4f8
Priority: P1
Risks: Medium
Signed-off-by: Abhijeet Viswam <Abhijeet_Viswam@comcast.com>
---
 .../ajaxSet_wireless_network_configuration_edit.jst           | 4 +++-
 .../ajaxSet_wireless_network_configuration_edit_onewifi.jst   | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
index 4170971..671ac52 100644
--- a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
+++ b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit.jst
@@ -33,6 +33,7 @@ $partnerId = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.PartnerId");
 $Mesh_Enable 	= getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_xOpsDeviceMgmt.Mesh.Enable");
 $Mesh_State 	= getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_xOpsDeviceMgmt.Mesh.State");
 $Mesh_Mode = ($Mesh_Enable == 'true' && $Mesh_State == 'Full')? true : false;
+$HCM_Mode = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.Feature.MeshWifiOptimization.Mode");
 $OperatingChannelBandwidth ="";
 $RadioNumberOfEntries = getStr("Device.WiFi.RadioNumberOfEntries");
 if($RadioNumberOfEntries)
@@ -116,6 +117,7 @@ function security_mode($encrypt_mode, $encrypt_method) {
 }
 
 if($i != 1 && $i != 2 && $i != 17) $Mesh_Mode = false;
+if($i != 1 && $i != 2 && $i != 17) $HCM_Mode = "Disable";
 $response_message = '';
 //ssid 1,2 for all
 //ssid 3,4 for mso only
@@ -133,7 +135,7 @@ if ($i == 1 || $i == 2 || $i == 17) {
 			}
 		}
 		setStr("Device.WiFi.SSID."+$i+".Enable", $arConfig['radio_enable'], true);
-		if ("true" == $arConfig['radio_enable'] && (!$Mesh_Mode) )
+		if ("true" == $arConfig['radio_enable'] && (!$Mesh_Mode) && ($HCM_Mode != "Enable"))
 		{
 			$validation = true;
 			if(($arConfig['password_update']=="false") && ("mso" == $thisUser)){
diff --git a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst
index e918dfa..48bed5f 100644
--- a/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst
+++ b/source/Styles/xb6/jst/actionHandler/ajaxSet_wireless_network_configuration_edit_onewifi.jst
@@ -33,6 +33,7 @@ $partnerId = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.PartnerId");
 $Mesh_Enable 	= getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_xOpsDeviceMgmt.Mesh.Enable");
 $Mesh_State 	= getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_xOpsDeviceMgmt.Mesh.State");
 $Mesh_Mode = ($Mesh_Enable == 'true' && $Mesh_State == 'Full')? true : false;
+$HCM_Mode = getStr("Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.Feature.MeshWifiOptimization.Mode");
 $OperatingChannelBandwidth ="";
 $RadioNumberOfEntries = getStr("Device.WiFi.RadioNumberOfEntries");
 if($RadioNumberOfEntries)
@@ -120,6 +121,7 @@ function security_mode($encrypt_mode, $encrypt_method) {
 }
 
 if($i != 1 && $i != 2 && $i != 17) $Mesh_Mode = false;
+if($i != 1 && $i != 2 && $i != 17) $HCM_Mode = "Disable";
 $response_message = '';
 //ssid 1,2 for all
 //ssid 3,4 for mso only
@@ -137,7 +139,7 @@ if ($i == 1 || $i == 2 || $i == 17) {
 			}
 		}
 		setStr("Device.WiFi.SSID."+$i+".Enable", $arConfig['radio_enable'], true);
-		if ("true" == $arConfig['radio_enable'] && (!$Mesh_Mode) )
+		if ("true" == $arConfig['radio_enable'] && (!$Mesh_Mode) && ($HCM_Mode != "Enable"))
 		{
 			$validation = true;
 			if(($arConfig['password_update']=="false") && ("mso" == $thisUser)){

From 6c027d8fbc9eb1949c0a89ea498cb0613caa59aa Mon Sep 17 00:00:00 2001
From: Nithishkumar-T <109725053+Nithishkumar-T@users.noreply.github.com>
Date: Thu, 6 Nov 2025 11:59:53 +0530
Subject: [PATCH 5/5] Add changelog for release

---
 CHANGELOG.md | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2eb8655..8228e17 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,13 +4,26 @@ All notable changes to this project will be documented in this file. Dates are d
 
 Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog).
 
+#### [1.3.0](https://github.com/rdkcentral/webui/compare/1.2.1...1.3.0)
+
+- RDKB-61788 : Input elements blocked in WebUI can be bypassed in HCM mode [`#40`](https://github.com/rdkcentral/webui/pull/40)
+- RDKB-61758: Removed MoCA option in GUI in bridge mode. [`#66`](https://github.com/rdkcentral/webui/pull/66)
+- RDKB-62246 : Harden WebUI Login - Exclude for sky partner [`#64`](https://github.com/rdkcentral/webui/pull/64)
+- RDKB-61875: 320MHz BW is not greyed out for ax mode in 6G [`#60`](https://github.com/rdkcentral/webui/pull/60)
+- RDKB-62077: Failed to add Parental Control Managed Service with Alway… [`#63`](https://github.com/rdkcentral/webui/pull/63)
+- RDKB-62246 : Harden WebUI Login - Exclude sky dev [`3640651`](https://github.com/rdkcentral/webui/commit/3640651507fcc6b59a0de629aac7a067151da825)
+- RDKB-62077: Failed to add Parental Control Managed Service with AlwaysBlock enabled [`aeee8d9`](https://github.com/rdkcentral/webui/commit/aeee8d90f5d68201cd96a8fe9172a96f3845c02d)
+- RDKB-61875: 320MHz BW is not grayed out for ax mode in 6G [`0295e22`](https://github.com/rdkcentral/webui/commit/0295e22210c281a7a7b453cd94e54f18f63d296e)
+
 #### [1.2.1](https://github.com/rdkcentral/webui/compare/1.2.0...1.2.1)
 
+> 23 October 2025
+
 - RDKB-61864: Harden WebUI Login  [`#55`](https://github.com/rdkcentral/webui/pull/55)
 - XB9-429 : Upstream xb9 specific changes to github repo [`#56`](https://github.com/rdkcentral/webui/pull/56)
 - RDKB-61864: Harden WebUI Login [`3534844`](https://github.com/rdkcentral/webui/commit/3534844d4e06ee36d87cbc29fd4fd1b54d153a78)
 - RDKB-61864: Harden WebUI Login [`0899ebb`](https://github.com/rdkcentral/webui/commit/0899ebba7f8124222b6bf8e5bab0314da033cdce)
-- RDKB-61864: Update user_password_change.jst [`0c34471`](https://github.com/rdkcentral/webui/commit/0c3447130ef4f3e9472d63834304746b79a34486)
+- Add changelog for release [`9ebf271`](https://github.com/rdkcentral/webui/commit/9ebf2716a11c828f4a00b71e8f801c82c7c8be3c)
 
 #### [1.2.0](https://github.com/rdkcentral/webui/compare/1.1.2...1.2.0)