:books: Web app for browsing, reading and downloading eBooks stored in a Calibre database
New features:
Bug Fixes:
Fix for proxying cover images to Kobo store
Fix for 'NoneType' object has no attribute 'author_sort' while trying to read a book
Added djv file format as default to djvu reader
Home button in caliblur is now leading calibre-web home instead of "/"
Bugfix for logfile viewer behind proxy located in a folder
Bug
Fixes for special cases during parsing of pdf metadata during upload
Fixes to work with new version of comicapi
Fix for upper- lowercase change of non ascii values in series, tags, ...
Fix for search request fails with error after browser session closed
Remove autocomplete on several elements in edi book section to make typeahead work without problems
Bugfix rename author in book list
Fix creating shelves on mobile device with caliblur theme
Fix visibility for sending to reader without download permissions
Handle invalid or missing or invalid container.xml in epub files during kobo sync
Fixes Uploading pdf file fails with whitespace title
Fix for Kobo UserKey in request missing due to no kobo account
Fix for showing last book of series in grid view
Bugfix for showing series containing only one book in list view having this book no series_index value set
Added additional debug output for download links during kobo sync
Security fix: SMTP server credentials are no longer returned to client
Security fix: Cross-site scripting (XSS) stored in href bypasses filter using data wrapper no longer possible
Security fix: Cross-site scripting (XSS) is no longer possible via pathchooser
Security fix: Error Handling at non existent rating, language, and user downloaded books was fixed
New features:
Bug Fixes:
New features:
Bug Fixes:
New features:
Bug Fixes:
Security fix: Prevent possible SQL Injection in user table Thanks to Iman Sharafaldin (Forward Security) Security fix: SSRF protection no longer can be bypassed by IPV6/IPV4 embedding. Thanks to @416e6e61 Security fix: SSRF protection no longer can be bypassed to connect to other servers in the local network. Thanks to @michaellrowley
New features:
Bug Fixes:
Fix for adding books to shelfs using the caliblur theme
Fix for iOS covers are not displayed during infinite scroll on standard theme
Deleted book formats are removed from synced to kobo table
Fix for "scholarly" requiring internet connection at startup
Fix parsing /Keywords' in doc_info of pdf file with type bytes
Fix for detecting covers in epubs
Fix for already present mobi file during convert for send to kindle
Dependencies are now displayed correct in windows executables
Fix showing of academic cover in case no cover was found from scholary
Fix for empty search results from google
Avoid problems with percent encoded utf-8 abstracts on certain chinese papers while importing metadata from google scholary
Fix a problem with sending emails from custom domain name server
Linux "unrar-free" is now also recognized for displaying unrar version in about section
Fix error message if rename files fails
Fix load metadata on windows executable, due to missing iso639 files
Security fix: The SSRF Protection can no longer be bypassed via an HTTP redirect
Security fix: The SSRF Protection can no longer be bypassed via 0.0.0.0 and it's ipv6 equivalent
Bug Fixes:
Add book to shelf in popup for book details working again
Cover extraction with comicapi for webp files working now
Added missing unique marker on comments table to prevent double book_ids in comment table
Delete book format is working again
Books can be added to shelf from search again
Kobo sync token is now also created if accessed from localhost
If book format is deleted this also deletes the "book synced to kobo" status
Security fix: JavaScript could get executed on authors page
Security fix: Loading cover from localhost is prevented
Security fix: Prevent creating a public shelf without permission
New features:
Bug Fixes:
Fix position read mark in standard theme
Fix grid to list button in series view
Fix sort ascending, descending in author and series list
Fix for Epub viewer isn't displaying images
Fix shelf grid ordering for inverted order at page load
Sorting buttons now visible on medium size screens
"Fetch metadata" update appends to the existing tags instead or replacing them
Exclude upload rights visibility if upload is not activated
Delete book setting only visible if edit book setting is ticked
Current sorting order visible in all sidebar selectors, and search results
Check versions of dependencies at startup and generate logfile output if not matching
Fix which cover are visible in series grid view
Sorting "hot" books only ascending and descending according to download numbers
Downloaded books sorting according to authors name now working
Fixed missing handle_error in convert calibre task (database readonly case)
Fix opds search and opds list of read books
Added some missing supported book languages and unknown book languages don't lead to error message
Improved handling of invalid cover files on upload
Bugfix show all allowed languages in user settings in case restrictions currently apply
Bugfix search in books list
Fixed KoboSynce in general and in multiuser environment
Unicode texts (title, author) are showing up right on kobo reader
Added some missing kobo routes (prevents 404 response)
Kobo Sync token only updated after complete library sync
Guest sorting options are now stored in the browser session
Visibility of upload buttons now depends only on upload right and no more on admin right
Bugfix edit series_index
Delete books in shelfs, downloaded books, kobo sync status, etc on database change
Improved handling of calibre output on windows
Catch more Gdrive errors
Bugfix advanced search for language
Bugfix uncheck all elements in books list and user list
Whitespaces are trimmed also for normal search
Better version output in about page
Load metadata including loading from google-scholary is working again
Deleting users now deletes also depending entries in all tables
Prevent 2 public shelfs with same names due to changing public property (thanks to @alicaz)
Security fix: Changed error message in case of trying to delete a shelf unauthorized
Security fix: Added missing check for creating public shelfs
Security fix: Fix upload of cover and book formats containing html characters
Security fix: Migrated some routes to POST-requests (CSRF protection)
Security fix: Fix for "javascript:" script links in identifier
New features:
Bug Fixes:
Hovering on cover, now shows tooltip also in Caliblur! Theme
Added missing default locale and default language view upon importing ldap user
Language names on non english locales are now displayed correct
Misaligned shelf names after glyphicon
Fix filemodal file selection dialog now works for more than one filepicker on page
Kobo sync for more than 100 books now works correct
Show checkbox from boolean custom columns on details page with caliblur theme
In comic reader files are naturally sorted again
Bugfix for book list with language restriction or archived books
Remove include subdomwains from hsts protection
Bugfix for covers are not displayed during infinite scroll on standard theme on Safari browsers
Bugfix for mime-type not executable on windows
Security fix: CSRF protection
Security fix: JavaScript payload can no longer be injected in all typeahead functions
New features:
Bug Fixes:
Fix searching for custom columns created after calibre-web was started
Extended search term with excluded series/shelfs are now working
Fixes in the !Caliblur theme
Fix for pdf buttons missing in safari browsers (iOS, iPadOS, macOS)
Enhanced compatability with sqlalchemy 2.0
Updated translations
Books with uppercase extensions are now found after upload
Deleting book with additional "/" in database path is now working
Fix error "unclosed IO" on external binary version query
Bugfix with encoding errors windows on external binary version query
Fix encoding errors on windows while downloading logbooks
Change user name is no longer allowed as non admin
Entries of user table are now visible if database has no tags
Deleting shelfs and so on failed before while deleting users
Fix show edit user after exception
Handle shelf request without title properly
Import LDAP User with "." in the name is now possible
All html special characters are nnow handled properly while editing fields in tables
List/grid button action is now possbile while accessing Calibre-Web behind a reverse proxy
With merge button disabled it's no longer possible to open merge dialog
Quotes are now handled properly in UI-editable tables
Better handling of defective utf-16 txt files while viewing them
Security fix: Name of Shelves are only visible to users who can access the corresponding shelf
Security fix: It's no longer possible to login with the old session cookie after logout
Security fix: Shelves can only be deleted by the owner
Security fix: JavaScript payload can no longer be injected in the description field
Security fix: JavaScript payload can no longer be injected in a custom column of type "comment" field
Security fix: JavaScript payload is no longer executed after converting a book to another format with a title containing javascript code
Security fix: JavaScript payload is no longer executed after converting a book to another format with a username containing javascript code
Security fix: JavaScript payload can no longer be injected in the description series, categories or publishers title
Security fix: JavaScript payload can no longer be injected in the shelf title
New features:
Bug Fixes:
Changes behind the scenes: