Commit Graph

1028 Commits

Author SHA1 Message Date
Ozzie Isaacs
e2785c3985 Added djv file format to djvu reader 2023-04-15 15:25:46 +02:00
Ozzie Isaacs
592216588c Revert "post" as search request. Search request is now get again (fix for #2741)
Revert "Auxiliary commit to revert individual files from 275675b48add79d2bbce06426cc1224c5e2c1bfb"

This reverts commit 6c920bc49f133d5c7451230448121f1f8b3cd9f2.
2023-04-12 18:29:15 +02:00
Ozzie Isaacs
b9c942befc Fix for 'NoneType' object has no attribute 'author_sort' while trying to read a book (#2733) 2023-03-31 07:48:18 +02:00
Ozzie Isaacs
321db4d712 Refactored send email by make use of ajax calls instead of posting the page
Always use getPath instead of pathname
2023-03-25 12:34:16 +01:00
Ozzie Isaacs
64e9b13311 Bugfix after merge
Bugfix generate Metadata backup
2023-03-03 19:59:19 +01:00
Ozzie Isaacs
5c5db34a52 Merge branch 'master' into Develop
# Conflicts:
#	test/Calibre-Web TestSummary_Linux.html
2023-02-27 18:54:02 +01:00
Ozzie Isaacs
162ac73bee Bugfixes from testrun 2023-02-22 18:59:11 +01:00
Ozzie Isaacs
fc31132f4e Merge remote-tracking branch 'pdf/master' 2023-02-21 20:52:25 +01:00
Ozzie Isaacs
b28a2cc58c Merge branch 'master' into Develop
# Conflicts:
#	cps/web.py
#	test/Calibre-Web TestSummary_Linux.html
2023-02-21 17:03:54 +01:00
Ozzie Isaacs
595f01e7a3 Bugfix change erader email in /me page 2023-02-19 19:36:52 +01:00
Ozzie Isaacs
89bc72958e new random password generation algorithm to ensure compliance with password rules
bugfix opds login limit
2023-02-16 16:23:06 +01:00
Ozzie Isaacs
8ee34bf428 Bugfixes for password policy 2023-02-15 19:53:35 +01:00
Ozzie Isaacs
ce48e06c45 Improved limiter 2023-02-12 13:10:00 +01:00
Ozzie Isaacs
63a3edd429 Merge remote-tracking branch 'csp/patch-2'
Updated testresult
2023-02-10 18:18:27 +01:00
Ozzie Isaacs
8d0a699078 Merge branch 'master' into Develop 2023-02-07 18:38:47 +01:00
Ozzie Isaacs
5b5146a793 Merge remote-tracking branch 'csp/patch-2' 2023-02-07 18:38:25 +01:00
Ozzie Isaacs
fb42f6bfff Make it possible to disable ratelimiter
Update APScheduler
Error message on missing flask-limiter
2023-02-05 13:43:35 +01:00
Ozzie Isaacs
4b7a0f3662 Merge branch 'master' into Develop
# Conflicts:
#	cps/opds.py
#	cps/server.py
#	cps/web.py
2023-02-05 12:10:01 +01:00
Ozzie Isaacs
275675b48a Search query is now also a post request (possible fix for Forward Auth Search Redirect Issue #2681) 2023-02-05 09:34:57 +01:00
Ozzie Isaacs
f8fbc807f1 further refactored user login 2023-02-05 08:47:10 +01:00
Ozzie Isaacs
1c3b69c710 refactored login routines 2023-02-05 08:47:10 +01:00
_Fervor_
3f72c3fffe
Update web.py 2023-02-03 23:31:49 +08:00
Ozzie Isaacs
189da65fac leave fields filled after invalid login attempt 2023-01-29 13:20:22 +01:00
Ozzie Isaacs
f241b260d7 Updated requirements
Bugfix from testrun
Testresults
2023-01-29 09:52:25 +01:00
Ozzie Isaacs
260a694834 Bugfixes after merge 2023-01-28 18:59:14 +01:00
Ozzie Isaacs
508e2b4d0a Merge branch 'master' into Develop
# Conflicts:
#	cps/admin.py
#	cps/config_sql.py
#	cps/search.py
#	cps/templates/admin.html
#	cps/web.py
#	setup.cfg
#	test/Calibre-Web TestSummary_Linux.html
2023-01-28 18:52:50 +01:00
Ozzie Isaacs
4913f06e0d Updated test status
Fix for #2614 (Send to eReader not working for guest user)
2023-01-24 18:07:21 +01:00
Petipopotam
d545ea9e6f
CSP invalid to display image when web.read_book
CSP 
Before : default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data:; style-src-elem 'self' blob: 'unsafe-inline'; object-src 'none';
After :    default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob:; style-src-elem 'self' blob: 'unsafe-inline';object-src 'none';
2023-01-24 11:03:19 +01:00
Petipopotam
1ad8dc102a
CSP invalid syntax
CSP had some "cosmetic" errors

Before : default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: style-src-elem 'self' blob: 'unsafe-inline';object-src: 'none';
After :    default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:;  img-src 'self' data:; style-src-elem 'self' blob: 'unsafe-inline'; object-src 'none';
2023-01-24 10:51:48 +01:00
Ozzie Isaacs
d48d6880af Update German translation 2023-01-22 13:53:10 +01:00
Ozzie Isaacs
77637d81dd Fix fro #2670 (user has no attribute eReader_mail) 2023-01-22 07:42:44 +01:00
Ozzie Isaacs
a2bf6dfb7b Bugfix csp header
Bugfix for loading metadata from google with old books (publishing date only year)
2023-01-21 17:09:02 +01:00
Ozzie Isaacs
1cd05d614c Merge remote-tracking branch 'csp/patch-1' 2023-01-21 15:48:08 +01:00
Ozzie Isaacs
2be2920833 Fixed typo 2023-01-21 15:27:51 +01:00
Ozzie Isaacs
43ee85fbb5 Removed unnecessary Unicode "u" 2023-01-21 15:23:18 +01:00
Ozzie Isaacs
8022b1bb36 Merge remote-tracking branch 'english/master' 2023-01-21 15:19:59 +01:00
Petipopotam
beb619c2c2
Correct CSP
no need blob: value for object-src
2023-01-19 20:19:55 +01:00
Petipopotam
ed22209e6c
Content Security Policy syntax was invalid
According to https://csp-evaluator.withgoogle.com/ the CSP built here is NOT valid (and the blob: value is missing at img-src, so the image is not displayed when reading ebook in a browser)

Before this commit, in Chrome response header you can find 

Content-Security-Policy: default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self'  data:; object-src: 'none'; blob:;style-src-elem 'self' blob: 'unsafe-inline';

After :

Content-Security-Policy: default-src 'self'  'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' blob: data:; object-src 'none'  blob:; style-src-elem 'self' blob: 'unsafe-inline';

and image in viewer are displayed
2023-01-19 19:56:27 +01:00
Josh O'Brien
b3335f6733 English Language Updates - V3 2023-01-04 13:30:13 +11:00
Ozzie Isaacs
85a6616606 Merge remote-tracking branch 'fix_default_language/master' 2022-12-25 09:45:14 +01:00
Julien Voisin
2ddbaa2150
Add object-src to the CSP policy 2022-12-22 12:47:37 +01:00
Feige-cn
e8c461b14f
Update web.py
In Admin view page, Editor UI Configuration - Default Settings for New Users - Default Language, set up the new user's default language is not effective. I changed this web.py, add a line of code in 1248 lines in register function. Creating the new user need to take the default language.
2022-11-08 01:32:38 +08:00
Ozzieisaacs
6598c4d259 Add rate limit for opds 2022-09-04 19:47:04 +02:00
Ozzie Isaacs
a9b20ca136 Fix for big database not showing tags 2022-08-29 19:08:04 +02:00
Ozzie Isaacs
bf0375d51d Bugfix change emails 2022-08-28 15:59:25 +02:00
Ozzie Isaacs
89d226e36b Allow deletion of kindle email address and force e-mail address to be valid 2022-08-28 15:54:43 +02:00
Ozzie Isaacs
ae3e3559b8 Rate limit prepared for feedback on login route 2022-07-18 10:59:54 +02:00
Ozzie Isaacs
a72f16fd3a Fix missing or_ import 2022-07-16 19:27:44 +02:00
Ozzie Isaacs
c2545315e1 Fix Ratings with 0 stars are counted as None 2022-07-16 19:09:19 +02:00
Ozzie Isaacs
7344ef353c Rate limited login 2022-07-02 19:46:58 +02:00