Safari currently exhibits a bug where Partitioned cookies (CHIPS) are not
sent back to the originating site after multi-hop cross-site redirects,
breaking SSO login flows in pretix.
Partitioned cookies were initially introduced in Safari 18.4, removed
again in 18.5 due to a bug, and reintroduced in Safari 26.2, where the
current issue is present.
As a mitigation, disable sending the `Partitioned` attribute for Safari
user agents. This is intentionally conservative; once the Safari issue
is fixed, this check should be refined to be conditional on the affected
versions only.
WebKit issues:
- https://bugs.webkit.org/show_bug.cgi?id=292975
- https://bugs.webkit.org/show_bug.cgi?id=306194
Move generation of QR code contents out of the HTML template and into Python code, so it can
be reused in plugins and tested with unit tests. Add the SPAYD QR code format which is used in
Czech Republic and Slovakia [1]. Display BezahlCode QR codes only for German IBANs.
[1] https://en.wikipedia.org/wiki/Short_Payment_Descriptor
* Run exporters in repeatable read by default (Z#23173095)
* Update src/pretix/helpers/database.py
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* Rename parameter, add test
* Do not run during tests
---------
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* Add Spanish (LatAm) and improve how we count language coverage
* Apply suggestions from code review
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* Fix license header
---------
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* async_task: deduplicate response handling code
* extend cart without full page reload
* update dialog markup
* fix error response from CartExtend
* refactor asynctask, make sure waitingDialog.show() re-initializes dialog contents
* add cart expiry notification
* add aria references to other dialogs
* improve error handling
* fix error if max_extend=None
* different message for expiring soon and expired carts
* refactor dialog css
* add classes to further dialog elements
* switch extend-cart-dialog and loadingmodal to <dialog>
* Backport simple_block_tag from Django 5.2
* Use simple_block_tag for {% dialog %} tag
* add alertdialog role
* Update src/pretix/static/pretixbase/scss/_dialogs.scss
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* fix mobile dialog styles not being overwritten
* asynctask dialog: prevent close by escape on chrome
* remove dynamic aria-live from #cart-deadline
dynamic aria-live is generally not well supported and as we have the dialog now anyways, we can remove it
* move continue-button to right
* Update src/pretix/static/pretixpresale/js/ui/cart.js
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* Fix CSS for old-style dialog
* fix heading display/level
* align dialogs at the top as they originally were
* fix </div> from merge-conflict
* fix missing grow for dialog-content
* improve cart-extend-button ui
* do not show cart-extend-dialog onload
* improve message if 0 minutes
* do not save messae in session if ajax_dont_redirect
* add ajax_dont_redirect to async_task_check_url
* improve draw_deadline to only update #cart-deadline if necessary
* add renew-confirmation-message
---------
Co-authored-by: Richard Schreiber <schreiber@rami.io>
Co-authored-by: Raphael Michel <michel@rami.io>
* Add the option to introduce rich-text placeholders
* Add tests in test_format
* Add some css
* Block vs inline
* Some fixed css
* Update src/pretix/control/forms/event.py
Co-authored-by: Mira <weller@rami.io>
* Add missing docstring prat
---------
Co-authored-by: Mira <weller@rami.io>
* Show minimal check-in status in order export (Z#23154920)
* Update src/pretix/helpers/database.py
Co-authored-by: Mira <weller@rami.io>
* Review note
---------
Co-authored-by: Mira <weller@rami.io>
