diff --git a/cps/redirect.py b/cps/redirect.py
old mode 100644
new mode 100755
index 09b3101f..337bb77b
--- a/cps/redirect.py
+++ b/cps/redirect.py
@@ -29,7 +29,7 @@
from urllib.parse import urlparse, urljoin
-from flask import request, url_for, redirect
+from flask import request, url_for, redirect, current_app
def is_safe_url(target):
@@ -38,16 +38,15 @@ def is_safe_url(target):
return test_url.scheme in ('http', 'https') and ref_url.netloc == test_url.netloc
-def get_redirect_target():
- for target in request.values.get('next'), request.referrer:
- if not target:
- continue
- if is_safe_url(target):
- return target
+def remove_prefix(text, prefix):
+ if text.startswith(prefix):
+ return text[len(prefix):]
+ return ""
def redirect_back(endpoint, **values):
- target = request.form['next']
- if not target or not is_safe_url(target):
+ target = request.form.get('next', None) or url_for(endpoint, **values)
+ adapter = current_app.url_map.bind(urlparse(request.host_url).netloc)
+ if not len(adapter.allowed_methods(remove_prefix(target, request.environ.get('HTTP_X_SCRIPT_NAME',"")))):
target = url_for(endpoint, **values)
return redirect(target)
diff --git a/cps/web.py b/cps/web.py
index 705627e7..4a95a21d 100644
--- a/cps/web.py
+++ b/cps/web.py
@@ -1322,7 +1322,7 @@ def handle_login_user(user, remember, message, category):
ub.store_user_session()
flash(message, category=category)
[limiter.limiter.storage.clear(k.key) for k in limiter.current_limits]
- return redirect_back(url_for("web.index"))
+ return redirect_back("web.index")
def render_login(username="", password=""):
diff --git a/test/Calibre-Web TestSummary_Linux.html b/test/Calibre-Web TestSummary_Linux.html
index 031ba52c..49fa93ef 100644
--- a/test/Calibre-Web TestSummary_Linux.html
+++ b/test/Calibre-Web TestSummary_Linux.html
@@ -37,20 +37,20 @@
-
Start Time: 2024-02-10 19:51:08
+
Start Time: 2024-02-11 21:14:02
-
Stop Time: 2024-02-11 02:37:31
+
Stop Time: 2024-02-12 04:05:52
-
Duration: 5h 36 min
+
Duration: 5h 42 min
@@ -234,12 +234,12 @@
-
+
| TestBackupMetadata |
21 |
- 16 |
+ 20 |
+ 1 |
0 |
- 5 |
0 |
Detail
@@ -383,233 +383,76 @@
- |
+
|
TestBackupMetadata - test_backup_change_custom_date
|
+
+
+
+
+
+
+
+ |
+
+
+
+
+
+ |
+ TestBackupMetadata - test_backup_change_custom_float
+ |
PASS |
-
- |
- TestBackupMetadata - test_backup_change_custom_float
- |
-
-
-
-
-
-
-
- |
-
-
-
-
-
+
|
TestBackupMetadata - test_backup_change_custom_int
|
-
-
-
-
-
-
-
- |
+ PASS |
-
+
|
TestBackupMetadata - test_backup_change_custom_rating
|
-
-
-
-
-
-
-
- |
+ PASS |
-
+
|
TestBackupMetadata - test_backup_change_custom_text
|
-
-
-
-
-
-
-
- |
+ PASS |
-
+
|
TestBackupMetadata - test_upload_book
|
-
-
-
-
-
-
-
- |
-
-
-
-
-
-
- | _ErrorHolder |
- 1 |
- 0 |
- 0 |
- 1 |
- 0 |
-
- Detail
- |
-
-
-
-
-
- |
- tearDownClass (test_backup_metadata)
- |
-
-
-
-
-
-
-
- |
+ PASS |
@@ -623,13 +466,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestBackupMetadataGdrive - test_backup_gdrive
|
@@ -647,13 +490,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestCli - test_already_started
|
@@ -662,7 +505,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_bind_to_single_interface
|
@@ -671,7 +514,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_change_password
|
@@ -680,7 +523,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_cli_SSL_files
|
@@ -689,7 +532,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_cli_different_folder
|
@@ -698,7 +541,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_cli_different_settings_database
|
@@ -707,7 +550,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_dryrun_update
|
@@ -716,7 +559,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_enable_reconnect
|
@@ -725,7 +568,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_environ_port_setting
|
@@ -734,7 +577,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_logfile
|
@@ -743,7 +586,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_no_database
|
@@ -752,7 +595,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_settingsdb_not_writeable
|
@@ -761,7 +604,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCli - test_writeonly_static_files
|
@@ -779,13 +622,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestCliGdrivedb - test_cli_gdrive_folder
|
@@ -794,7 +637,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCliGdrivedb - test_cli_gdrive_location
|
@@ -803,7 +646,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCliGdrivedb - test_gdrive_db_nonwrite
|
@@ -812,7 +655,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCliGdrivedb - test_no_database
|
@@ -830,13 +673,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestCoverEditBooks - test_invalid_jpg_hdd
|
@@ -845,7 +688,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestCoverEditBooks - test_upload_jpg
|
@@ -863,13 +706,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestDeleteDatabase - test_delete_books_in_database
|
@@ -887,13 +730,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestEbookConvertCalibre - test_calibre_log
|
@@ -902,7 +745,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_deactivate
|
@@ -911,7 +754,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_email
|
@@ -920,7 +763,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_failed_and_email
|
@@ -929,7 +772,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_only
|
@@ -938,7 +781,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_options
|
@@ -947,7 +790,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_parameter
|
@@ -956,7 +799,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_wrong_excecutable
|
@@ -965,7 +808,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_convert_xss
|
@@ -974,7 +817,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_email_failed
|
@@ -983,7 +826,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_email_only
|
@@ -992,7 +835,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_kindle_send_not_configured
|
@@ -1001,7 +844,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_ssl_smtp_setup_error
|
@@ -1010,7 +853,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_starttls_smtp_setup_error
|
@@ -1019,7 +862,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibre - test_user_convert_xss
|
@@ -1037,13 +880,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestEbookConvertCalibreGDrive - test_convert_email
|
@@ -1052,7 +895,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibreGDrive - test_convert_failed_and_email
|
@@ -1061,7 +904,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibreGDrive - test_convert_only
|
@@ -1070,7 +913,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibreGDrive - test_convert_parameter
|
@@ -1079,7 +922,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibreGDrive - test_email_failed
|
@@ -1088,7 +931,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertCalibreGDrive - test_email_only
|
@@ -1106,13 +949,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestEbookConvertKepubify - test_convert_deactivate
|
@@ -1121,7 +964,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertKepubify - test_convert_only
|
@@ -1130,7 +973,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertKepubify - test_convert_wrong_excecutable
|
@@ -1148,13 +991,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
0 |
- Detail
+ Detail
|
-
+
|
TestEbookConvertGDriveKepubify - test_convert_deactivate
|
@@ -1163,7 +1006,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertGDriveKepubify - test_convert_only
|
@@ -1172,7 +1015,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEbookConvertGDriveKepubify - test_convert_wrong_excecutable
|
@@ -1190,13 +1033,13 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
0 |
2 |
- Detail
+ Detail
|
-
+
|
TestEditAdditionalBooks - test_cbz_comicinfo
|
@@ -1205,7 +1048,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_change_upload_formats
|
@@ -1214,7 +1057,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_delete_book
|
@@ -1223,7 +1066,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_delete_role
|
@@ -1232,7 +1075,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_details_popup
|
@@ -1241,7 +1084,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_edit_book_identifier
|
@@ -1250,7 +1093,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_edit_book_identifier_capital
|
@@ -1259,7 +1102,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_edit_book_identifier_standard
|
@@ -1268,7 +1111,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_edit_special_book_identifier
|
@@ -1277,7 +1120,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_title_sort
|
@@ -1286,7 +1129,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_upload_cbz_coverformats
|
@@ -1295,7 +1138,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_upload_edit_role
|
@@ -1304,7 +1147,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_upload_metadata_cb7
|
@@ -1313,7 +1156,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_upload_metadata_cbr
|
@@ -1322,7 +1165,7 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_upload_metadata_cbt
|
@@ -1331,19 +1174,19 @@ receiveMessage@chrome://remote/content/marionette/actors/MarionetteEventsParent.
-
+
|
TestEditAdditionalBooks - test_writeonly_calibre_database
|
-
+
- |