AZEN-SGG/Kavita
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Kavita/UI/Web
History
Joseph Milazzo 88b5ebeb69
Security Hotfix (#1415) 
* Updated ngx-extended-pdf-viewer to 14.5.2 + misc security vuln

* Hooked up remove from want to read AND fixed a bug in the logic that was removing everything BUT what was passed.

Allow for bookmarks to have date info for better ordering.

* Implemented a quick way to set darkneses level on manga reader for when nightlight just isn't dark enough

* Added Japanese Series name support in the Parser

* Updated our security file with our Huntr.

* Fixed a security vulnerability where through the API, an unauthorized user could delete/modify reading lists that did not belong to them.

Fixed a bug where when creating a reading list with the name of another users, the API would throw an exception (but reading list would still get created)

* Ensure all reading list apis are authorized

* Ensured all APIs require authentication, except those that explicitly don't. All APIs are default requiring Authentication.

Fixed a security vulnerability which would allow a user to take over an admin account.

* Fixed a bug where cover-upload would accept filenames that were not expected.

* Explicitly check that a user has access to the pdf file before we serve it back.

* Enabled lock out when invalid user auth occurs. After 5 invalid auths, the user account will be locked out for 10 mins.
2022-08-08 13:47:37 -07:00
..
.github/workflows On Deck + Misc Fixes and Changes (#1215) 2022-04-11 15:43:40 -07:00
e2e New PDF Reader (#1324) 2022-06-15 14:43:32 -07:00
src Security Hotfix (#1415) 2022-08-08 13:47:37 -07:00
storage On Deck + Misc Fixes and Changes (#1215) 2022-04-11 15:43:40 -07:00
.gitignore On Deck + Misc Fixes and Changes (#1215) 2022-04-11 15:43:40 -07:00
adminStorageState.json On Deck + Misc Fixes and Changes (#1215) 2022-04-11 15:43:40 -07:00
angular.json New PDF Reader (#1324) 2022-06-15 14:43:32 -07:00
global-setup.ts Double Page Rendering (#1333) 2022-06-27 09:00:01 -07:00
LICENSE The big one (#396) 2021-07-17 14:03:11 -05:00
nonAdminStorageState.json On Deck + Misc Fixes and Changes (#1215) 2022-04-11 15:43:40 -07:00
package-lock.json Security Hotfix (#1415) 2022-08-08 13:47:37 -07:00
package.json Security Hotfix (#1415) 2022-08-08 13:47:37 -07:00
playwright.config.ts On Deck + Misc Fixes and Changes (#1215) 2022-04-11 15:43:40 -07:00
README.md On Deck + Misc Fixes and Changes (#1215) 2022-04-11 15:43:40 -07:00
setupJest.ts The big one (#396) 2021-07-17 14:03:11 -05:00
tsconfig.app.json The big one (#396) 2021-07-17 14:03:11 -05:00
tsconfig.json Double Page Rendering (#1333) 2022-06-27 09:00:01 -07:00
tsconfig.spec.json The big one (#396) 2021-07-17 14:03:11 -05:00
tslint.json The big one (#396) 2021-07-17 14:03:11 -05:00

README.md

Kavita Webui

This project was generated with Angular CLI version 11.0.0.

Development server

Run ng serve for a dev server. Navigate to http://localhost:4200/. The app will automatically reload if you change any of the source files.

Code scaffolding

Run ng generate component component-name to generate a new component. You can also use ng generate directive|pipe|service|class|guard|interface|enum|module.

Build

Run ng build to build the project. The build artifacts will be stored in the dist/ directory. Use the --prod flag for a production build.

Running unit tests

Run ng test to execute the unit tests via Karma.

Running end-to-end tests

Run ng e2e to execute the end-to-end tests via Protractor.

Run npx playwright test --reporter=line or npx playwright test to run e2e tests.

Further help

To get more help on the Angular CLI use ng help or go check out the Angular CLI Overview and Command Reference page.