OzzieIsaacs
f33e25ac40
Merge remote-tracking branch 'sec_fixes/cookies_improvement'
2020-05-10 10:22:21 +02:00
jvoisin
bf166b757a
Improve a bit the cookie's hardening
...
- Samesite for session cookies as well as the remember me ones
- Httponly
2020-05-09 14:42:28 +02:00
jvoisin
b4165335a7
Use strong sessions protection
...
See https://flask-login.readthedocs.io/en/latest/#session-protection for
details
2020-05-09 14:34:14 +02:00
Ozzieisaacs
fb16429867
Randomize flask secret_key
2020-05-04 19:02:03 +02:00
OzzieIsaacs
36a984ce3c
Revert proxyfix
2020-05-02 18:17:52 +02:00
Ozzieisaacs
8646f8f23a
Merge branch 'Develop'
...
# Conflicts:
# cps/__init__.py
2020-05-01 14:51:54 +02:00
OzzieIsaacs
fb8b6310d5
Fix from tests
2020-04-30 20:58:01 +02:00
Ozzieisaacs
02aaf17ac5
Fix #1339 (Proxyfix import with old werkzeug versions causes traceback)
2020-04-30 19:21:08 +02:00
Ozzieisaacs
b160a8de0b
Merge branch 'master' into Develop
...
# Conflicts:
# cps/__init__.py
# cps/comic.py
# cps/editbooks.py
# cps/helper.py
# cps/kobo.py
# cps/translations/nl/LC_MESSAGES/messages.mo
# cps/translations/nl/LC_MESSAGES/messages.po
# cps/ub.py
# cps/uploader.py
# cps/web.py
2020-04-30 18:08:28 +02:00
Ozzieisaacs
e3246fd751
Merge remote-tracking branch 'key'
2020-04-30 17:29:41 +02:00
jvoisin
523aab2e9e
Don't use an hardcoded session key
...
This fixes a trivial authentication bypass,
according to https://flask.palletsprojects.com/en/1.1.x/quickstart/#sessions
2020-04-29 13:59:34 +02:00
Jeff
6384cdc74d
Fix https github oauth
...
while using https domian and nginx as proxy, a `ProxyFix` is required.
2020-04-19 19:53:41 +08:00
Ozzieisaacs
f6c04b9b84
Merge branch 'master' into Develop
2020-03-29 16:48:56 +02:00
Ozzieisaacs
4eacb21259
Update updater
...
Update change logfile
code cosmetics js files
2020-03-29 16:44:24 +02:00
Ozzie Isaacs
6d1a3ccdcc
Improve logger for windows
2020-03-28 07:13:51 +01:00
Ozzieisaacs
4087e685f4
Fix auto detection of locale
2020-02-01 13:40:29 +01:00
Ozzieisaacs
5255085de1
Fix auto detection of locale
2020-02-01 13:38:11 +01:00
Ozzieisaacs
6cda5fee0d
Fix language selection on python3
2019-09-06 20:56:17 +02:00
Ozzieisaacs
f543d7f486
Fix #1016
2019-08-20 18:32:04 +02:00
Ozzieisaacs
26a7d9ef30
Merge branch 'Develop'
...
# Conflicts:
# cps/__init__.py
# cps/about.py
# cps/admin.py
# cps/cli.py
# cps/config_sql.py
# cps/constants.py
# cps/converter.py
# cps/db.py
# cps/editbooks.py
# cps/gdriveutils.py
# cps/helper.py
# cps/logger.py
# cps/oauth.py
# cps/server.py
# cps/services/simpleldap.py
# cps/ub.py
# cps/web.py
# cps/worker.py
# optional-requirements.txt
# setup.cfg
# setup.py
2019-07-17 19:07:05 +02:00
Daniel Pavel
63634961d4
cleaner worker api
...
the worker thread now stops on its own
2019-07-14 20:28:32 +03:00
Daniel Pavel
a836df9a5a
more robust disposing of database session
...
avoid spamming the log with debug messages from libraries
2019-07-14 14:44:48 +03:00
Ozzieisaacs
8bfcdffeb6
Fix feature support
2019-07-14 13:20:40 +02:00
Ozzieisaacs
4708347c16
Merge branch 'Develop'
...
# Conflicts:
# MANIFEST.in
# README.md
# cps/helper.py
# cps/static/js/archive/archive.js
# cps/translations/nl/LC_MESSAGES/messages.mo
# cps/translations/nl/LC_MESSAGES/messages.po
# cps/ub.py
# cps/updater.py
# cps/web.py
# cps/worker.py
# optional-requirements.txt
2019-07-13 20:54:21 +02:00
Daniel Pavel
006e596c72
Moved config class into separate file.
...
Moved Goodreads and LDAP services into separate package.
2019-07-07 16:05:51 +03:00
Ozzieisaacs
572b5427c7
Fix Encoding issues for python2
2019-06-23 21:11:45 +02:00
Daniel Pavel
e254565901
support binding the http server to a unix socket file instead of TCP socket
2019-06-18 08:57:37 +03:00
Ozzieisaacs
9b74d51f21
Merge remote-tracking branch 'ldap/master' into Develop
...
# Conflicts:
# cps/server.py
# cps/templates/config_edit.html
# cps/ub.py
# cps/updater.py
# cps/web.py
# optional-requirements-ldap.txt
# setup.cfg
2019-06-16 08:20:01 +02:00
Ozzieisaacs
26949970d8
Revert logging functions
...
Fix access logger for tornado
2019-06-11 20:07:51 +02:00
Ozzieisaacs
546ed65e1d
Update logging
...
Fix sort order author
Fixes sorting view
Moved version info
added feature limit listening to single ipaddress
2019-06-10 14:15:21 +02:00
Daniel Pavel
b89ab9ff10
logging clean-up
...
- moved most constants to separate file
- sorted and cleaned-up imports
- moved logging setup to separate file
2019-06-06 18:10:22 +03:00
Ozzieisaacs
bb0d5c5538
Working for pip and "normal" start for python3 and python2
2019-06-02 09:33:45 +02:00
Ozzieisaacs
406d1c76c9
Sorting and filtering of lists working (except file formats)
...
Refactored and bugfixing show_cover
Refactored import of helper in web.py
Fix for displaying /me (gettext) throwing error 500
Fix get search results throwing error 500
Fix routing books_list for python2.7
Fix for "me" and "settings" pages
Update sidebarview and list view
2019-04-22 19:11:35 +02:00
Ozzieisaacs
2de4bfdcf2
Merge branch 'master' into Develop
...
# Conflicts:
# cps/book_formats.py
# cps/helper.py
# cps/web.py
2019-04-20 18:32:46 +02:00
Ozzieisaacs
0224d45961
Code cosmetics
2019-03-04 20:03:09 +01:00
Ozzieisaacs
de58d0a4d8
Merge remote-tracking branch 'metadata/Develop' into Develop
...
Update logger for updater
2019-03-01 19:09:37 +01:00
Ozzieisaacs
d6ee8f75e9
More refactoring
2019-02-08 20:12:16 +01:00
Ozzieisaacs
a00d93a2d9
Working again (basically)
2019-02-06 21:52:32 +01:00
Cervinko Cera
704198655b
custom columns unfinished
2016-04-20 19:25:47 +02:00
Jan Broer
64a9cbce2d
Initial Fork from https://bitbucket.org/raphaelmutschler/calibreserver/
2015-08-02 20:59:11 +02:00