Commit Graph

1025 Commits

Author SHA1 Message Date
Ozzie Isaacs
321db4d712 Refactored send email by make use of ajax calls instead of posting the page
Always use getPath instead of pathname
2023-03-25 12:34:16 +01:00
Ozzie Isaacs
64e9b13311 Bugfix after merge
Bugfix generate Metadata backup
2023-03-03 19:59:19 +01:00
Ozzie Isaacs
5c5db34a52 Merge branch 'master' into Develop
# Conflicts:
#	test/Calibre-Web TestSummary_Linux.html
2023-02-27 18:54:02 +01:00
Ozzie Isaacs
162ac73bee Bugfixes from testrun 2023-02-22 18:59:11 +01:00
Ozzie Isaacs
fc31132f4e Merge remote-tracking branch 'pdf/master' 2023-02-21 20:52:25 +01:00
Ozzie Isaacs
b28a2cc58c Merge branch 'master' into Develop
# Conflicts:
#	cps/web.py
#	test/Calibre-Web TestSummary_Linux.html
2023-02-21 17:03:54 +01:00
Ozzie Isaacs
595f01e7a3 Bugfix change erader email in /me page 2023-02-19 19:36:52 +01:00
Ozzie Isaacs
89bc72958e new random password generation algorithm to ensure compliance with password rules
bugfix opds login limit
2023-02-16 16:23:06 +01:00
Ozzie Isaacs
8ee34bf428 Bugfixes for password policy 2023-02-15 19:53:35 +01:00
Ozzie Isaacs
ce48e06c45 Improved limiter 2023-02-12 13:10:00 +01:00
Ozzie Isaacs
63a3edd429 Merge remote-tracking branch 'csp/patch-2'
Updated testresult
2023-02-10 18:18:27 +01:00
Ozzie Isaacs
8d0a699078 Merge branch 'master' into Develop 2023-02-07 18:38:47 +01:00
Ozzie Isaacs
5b5146a793 Merge remote-tracking branch 'csp/patch-2' 2023-02-07 18:38:25 +01:00
Ozzie Isaacs
fb42f6bfff Make it possible to disable ratelimiter
Update APScheduler
Error message on missing flask-limiter
2023-02-05 13:43:35 +01:00
Ozzie Isaacs
4b7a0f3662 Merge branch 'master' into Develop
# Conflicts:
#	cps/opds.py
#	cps/server.py
#	cps/web.py
2023-02-05 12:10:01 +01:00
Ozzie Isaacs
275675b48a Search query is now also a post request (possible fix for Forward Auth Search Redirect Issue #2681) 2023-02-05 09:34:57 +01:00
Ozzie Isaacs
f8fbc807f1 further refactored user login 2023-02-05 08:47:10 +01:00
Ozzie Isaacs
1c3b69c710 refactored login routines 2023-02-05 08:47:10 +01:00
_Fervor_
3f72c3fffe
Update web.py 2023-02-03 23:31:49 +08:00
Ozzie Isaacs
189da65fac leave fields filled after invalid login attempt 2023-01-29 13:20:22 +01:00
Ozzie Isaacs
f241b260d7 Updated requirements
Bugfix from testrun
Testresults
2023-01-29 09:52:25 +01:00
Ozzie Isaacs
260a694834 Bugfixes after merge 2023-01-28 18:59:14 +01:00
Ozzie Isaacs
508e2b4d0a Merge branch 'master' into Develop
# Conflicts:
#	cps/admin.py
#	cps/config_sql.py
#	cps/search.py
#	cps/templates/admin.html
#	cps/web.py
#	setup.cfg
#	test/Calibre-Web TestSummary_Linux.html
2023-01-28 18:52:50 +01:00
Ozzie Isaacs
4913f06e0d Updated test status
Fix for #2614 (Send to eReader not working for guest user)
2023-01-24 18:07:21 +01:00
Petipopotam
d545ea9e6f
CSP invalid to display image when web.read_book
CSP 
Before : default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data:; style-src-elem 'self' blob: 'unsafe-inline'; object-src 'none';
After :    default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob:; style-src-elem 'self' blob: 'unsafe-inline';object-src 'none';
2023-01-24 11:03:19 +01:00
Petipopotam
1ad8dc102a
CSP invalid syntax
CSP had some "cosmetic" errors

Before : default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: style-src-elem 'self' blob: 'unsafe-inline';object-src: 'none';
After :    default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:;  img-src 'self' data:; style-src-elem 'self' blob: 'unsafe-inline'; object-src 'none';
2023-01-24 10:51:48 +01:00
Ozzie Isaacs
d48d6880af Update German translation 2023-01-22 13:53:10 +01:00
Ozzie Isaacs
77637d81dd Fix fro #2670 (user has no attribute eReader_mail) 2023-01-22 07:42:44 +01:00
Ozzie Isaacs
a2bf6dfb7b Bugfix csp header
Bugfix for loading metadata from google with old books (publishing date only year)
2023-01-21 17:09:02 +01:00
Ozzie Isaacs
1cd05d614c Merge remote-tracking branch 'csp/patch-1' 2023-01-21 15:48:08 +01:00
Ozzie Isaacs
2be2920833 Fixed typo 2023-01-21 15:27:51 +01:00
Ozzie Isaacs
43ee85fbb5 Removed unnecessary Unicode "u" 2023-01-21 15:23:18 +01:00
Ozzie Isaacs
8022b1bb36 Merge remote-tracking branch 'english/master' 2023-01-21 15:19:59 +01:00
Petipopotam
beb619c2c2
Correct CSP
no need blob: value for object-src
2023-01-19 20:19:55 +01:00
Petipopotam
ed22209e6c
Content Security Policy syntax was invalid
According to https://csp-evaluator.withgoogle.com/ the CSP built here is NOT valid (and the blob: value is missing at img-src, so the image is not displayed when reading ebook in a browser)

Before this commit, in Chrome response header you can find 

Content-Security-Policy: default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self'  data:; object-src: 'none'; blob:;style-src-elem 'self' blob: 'unsafe-inline';

After :

Content-Security-Policy: default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' blob: data:; object-src 'none'  blob:; style-src-elem 'self' blob: 'unsafe-inline';

and image in viewer are displayed
2023-01-19 19:56:27 +01:00
Josh O'Brien
b3335f6733 English Language Updates - V3 2023-01-04 13:30:13 +11:00
Ozzie Isaacs
85a6616606 Merge remote-tracking branch 'fix_default_language/master' 2022-12-25 09:45:14 +01:00
Julien Voisin
2ddbaa2150
Add object-src to the CSP policy 2022-12-22 12:47:37 +01:00
Feige-cn
e8c461b14f
Update web.py
In Admin view page, Editor UI Configuration - Default Settings for New Users - Default Language, set up the new user's default language is not effective. I changed this web.py, add a line of code in 1248 lines in register function. Creating the new user need to take the default language.
2022-11-08 01:32:38 +08:00
Ozzieisaacs
6598c4d259 Add rate limit for opds 2022-09-04 19:47:04 +02:00
Ozzie Isaacs
a9b20ca136 Fix for big database not showing tags 2022-08-29 19:08:04 +02:00
Ozzie Isaacs
bf0375d51d Bugfix change emails 2022-08-28 15:59:25 +02:00
Ozzie Isaacs
89d226e36b Allow deletion of kindle email address and force e-mail address to be valid 2022-08-28 15:54:43 +02:00
Ozzie Isaacs
ae3e3559b8 Rate limit prepared for feedback on login route 2022-07-18 10:59:54 +02:00
Ozzie Isaacs
a72f16fd3a Fix missing or_ import 2022-07-16 19:27:44 +02:00
Ozzie Isaacs
c2545315e1 Fix Ratings with 0 stars are counted as None 2022-07-16 19:09:19 +02:00
Ozzie Isaacs
7344ef353c Rate limited login 2022-07-02 19:46:58 +02:00
Kian-Meng Ang
c4104ddaf4 Fix typos 2022-07-01 21:26:06 +08:00
Ozzie Isaacs
29fd4ae4a2 Bugfixes create users
Update Teststatus
2022-06-17 10:14:33 +02:00
Ozzieisaacs
4ef8c35fb7 Bugfies password validation from testrun 2022-06-16 14:16:00 +02:00