fix(i18n): accept translated confirmation text when clearing snapshot history (#3940)

changedetectionio/__init__.py

@@ -2,7 +2,7 @@
 
 # Read more https://github.com/dgtlmoon/changedetection.io/wiki
 # Semver means never use .01, or 00. Should be .1.
-__version__ = '0.54.2'
+__version__ = '0.54.3'
 
 from changedetectionio.strtobool import strtobool
 from json.decoder import JSONDecodeError

changedetectionio/blueprint/ui/__init__.py

@@ -156,9 +156,9 @@ def construct_blueprint(datastore: ChangeDetectionStore, update_q, worker_pool,
     @login_optionally_required
     def clear_all_history():
         if request.method == 'POST':
-            confirmtext = request.form.get('confirmtext')
+            confirmtext = request.form.get('confirmtext', '')
 
-            if confirmtext == 'clear':
+            if confirmtext.strip().lower() == gettext('clear').strip().lower():
                 # Run in background thread to avoid blocking
                 def clear_history_background():
                     # Capture UUIDs first to avoid race conditions

changedetectionio/languages.py

@@ -37,6 +37,7 @@ def get_timeago_locale(flask_locale):
         'no': 'nb_NO',      # Norwegian Bokmål
         'hi': 'in_HI',      # Hindi
         'cs': 'en',         # Czech not supported by timeago, fallback to English
+        'uk': 'uk',         # Ukrainian
         'en_GB': 'en',      # British English - timeago uses 'en'
         'en_US': 'en',      # American English - timeago uses 'en'
     }
@@ -67,6 +68,7 @@ LANGUAGE_DATA = {
     'tr': {'flag': 'fi fi-tr fis', 'name': 'Türkçe'},
     'ar': {'flag': 'fi fi-sa fis', 'name': 'العربية'},
     'hi': {'flag': 'fi fi-in fis', 'name': 'हिन्दी'},
+    'uk': {'flag': 'fi fi-ua fis', 'name': 'Українська'},
 }
 
 

changedetectionio/tests/test_i18n.py

@@ -624,3 +624,76 @@ def test_session_locale_overrides_accept_language(client, live_server, measure_m
     assert "분".encode() in res.data, "Expected Korean '분' for Minutes"
     assert "小時".encode() not in res.data, "Should not have Traditional Chinese '小時' when Korean is set"
     assert "分鐘".encode() not in res.data, "Should not have Traditional Chinese '分鐘' when Korean is set"
+
+
+def test_clear_history_translated_confirmation(client, live_server, measure_memory_usage, datastore_path):
+    """
+    Test that clearing snapshot history works with translated confirmation text.
+
+    Issue #3865: When the app language is set to German, the clear history
+    confirmation dialog shows the translated word (e.g. 'loschen') but the
+    backend only accepted the English word 'clear', making it impossible
+    to clear snapshots in non-English languages.
+    """
+    from flask import url_for
+
+    test_url = url_for('test_endpoint', _external=True)
+
+    # Add a watch so there is history to clear
+    res = client.post(
+        url_for("imports.import_page"),
+        data={"urls": test_url},
+        follow_redirects=True
+    )
+    assert b"1 Imported" in res.data
+    wait_for_all_checks(client)
+
+    # Set language to German
+    res = client.get(
+        url_for("set_language", locale="de"),
+        follow_redirects=True
+    )
+    assert res.status_code == 200
+
+    # Verify the clear history page shows the German confirmation word
+    res = client.get(
+        url_for("ui.clear_all_history"),
+        follow_redirects=True
+    )
+    assert res.status_code == 200
+    assert "löschen".encode() in res.data, "Expected German word 'loschen' on clear history page"
+
+    # Submit the form with the German translated word
+    res = client.post(
+        url_for("ui.clear_all_history"),
+        data={"confirmtext": "löschen"},
+        follow_redirects=True
+    )
+    assert res.status_code == 200
+    # Should NOT show error message
+    assert b"Incorrect confirmation text" not in res.data, \
+        "German confirmation word 'loschen' should be accepted (issue #3865)"
+
+    # Switch back to English and verify English word still works
+    res = client.get(
+        url_for("set_language", locale="en_US"),
+        follow_redirects=True
+    )
+
+    res = client.post(
+        url_for("ui.clear_all_history"),
+        data={"confirmtext": "clear"},
+        follow_redirects=True
+    )
+    assert res.status_code == 200
+    assert b"Incorrect confirmation text" not in res.data, \
+        "English confirmation word 'clear' should still be accepted"
+
+    # Verify that missing/empty confirmtext does not crash the server
+    res = client.post(
+        url_for("ui.clear_all_history"),
+        data={},
+        follow_redirects=True
+    )
+    assert res.status_code == 200, \
+        "Missing confirmtext should not crash the server"

changedetectionio/tests/test_security.py

@@ -584,13 +584,16 @@ def test_static_directory_traversal(client, live_server, measure_memory_usage, d
 
 def test_ssrf_private_ip_blocked(client, live_server, monkeypatch, measure_memory_usage, datastore_path):
     """
-    SSRF protection: IANA-reserved/private IP addresses must be blocked by default.
+    SSRF protection: IANA-reserved/private IP addresses are blocked at fetch-time, not add-time.
+
+    Watches targeting private/reserved IPs can be *added* freely; the block happens when the
+    fetcher actually tries to reach the URL (via validate_iana_url() in call_browser()).
 
     Covers:
     1. is_private_hostname() correctly classifies all reserved ranges
-    2. is_safe_valid_url() rejects private-IP URLs at add-time (env var off)
-    3. is_safe_valid_url() allows private-IP URLs when ALLOW_IANA_RESTRICTED_ADDRESSES=true
-    4. UI form rejects private-IP URLs and shows the standard error message
+    2. is_safe_valid_url() ALLOWS private-IP URLs at add-time (IANA check moved to fetch-time)
+    3. ALLOW_IANA_RESTRICTED_ADDRESSES has no effect on add-time; it only controls fetch-time
+    4. UI form accepts private-IP URLs at add-time without error
     5. Requests fetcher blocks fetch-time DNS rebinding (fresh check on every fetch)
     6. Requests fetcher blocks redirects that lead to a private IP (open-redirect bypass)
 
@@ -623,9 +626,10 @@ def test_ssrf_private_ip_blocked(client, live_server, monkeypatch, measure_memor
         assert not is_private_hostname(host), f"{host} should be identified as public"
 
     # ------------------------------------------------------------------
-    # 2. is_safe_valid_url() blocks private-IP URLs (env var off)
+    # 2. is_safe_valid_url() ALLOWS private-IP URLs at add-time
+    #    IANA check is no longer done here — it moved to fetch-time validate_iana_url()
     # ------------------------------------------------------------------
-    blocked_urls = [
+    private_ip_urls = [
         'http://127.0.0.1/',
         'http://10.0.0.1/',
         'http://172.16.0.1/',
@@ -636,21 +640,24 @@ def test_ssrf_private_ip_blocked(client, live_server, monkeypatch, measure_memor
         'http://[fc00::1]/',
         'http://[fe80::1]/',
     ]
-    for url in blocked_urls:
-        assert not is_safe_valid_url(url), f"{url} should be blocked by is_safe_valid_url"
+    for url in private_ip_urls:
+        assert is_safe_valid_url(url), f"{url} should be allowed by is_safe_valid_url (IANA check is at fetch-time)"
 
     # ------------------------------------------------------------------
-    # 3. ALLOW_IANA_RESTRICTED_ADDRESSES=true bypasses the block
+    # 3. ALLOW_IANA_RESTRICTED_ADDRESSES does not affect add-time validation
+    #    It only controls fetch-time blocking inside validate_iana_url()
     # ------------------------------------------------------------------
     monkeypatch.setenv('ALLOW_IANA_RESTRICTED_ADDRESSES', 'true')
     assert is_safe_valid_url('http://127.0.0.1/'), \
-        "Private IP should be allowed when ALLOW_IANA_RESTRICTED_ADDRESSES=true"
+        "Private IP should be allowed at add-time regardless of ALLOW_IANA_RESTRICTED_ADDRESSES"
 
-    # Restore the block for the remaining assertions
     monkeypatch.setenv('ALLOW_IANA_RESTRICTED_ADDRESSES', 'false')
+    assert is_safe_valid_url('http://127.0.0.1/'), \
+        "Private IP should be allowed at add-time regardless of ALLOW_IANA_RESTRICTED_ADDRESSES"
 
     # ------------------------------------------------------------------
-    # 4. UI form rejects private-IP URLs
+    # 4. UI form accepts private-IP URLs at add-time
+    #    The watch is created; the SSRF block fires later at fetch-time
     # ------------------------------------------------------------------
     for url in ['http://127.0.0.1/', 'http://169.254.169.254/latest/meta-data/']:
         res = client.post(
@@ -658,8 +665,8 @@ def test_ssrf_private_ip_blocked(client, live_server, monkeypatch, measure_memor
             data={'url': url, 'tags': ''},
             follow_redirects=True
         )
-        assert b'Watch protocol is not permitted or invalid URL format' in res.data, \
-            f"UI should reject {url}"
+        assert b'Watch protocol is not permitted or invalid URL format' not in res.data, \
+            f"UI should accept {url} at add-time (SSRF is blocked at fetch-time)"
 
     # ------------------------------------------------------------------
     # 5. Fetch-time DNS-rebinding check in the requests fetcher

changedetectionio/validate_url.py

@@ -71,12 +71,15 @@ def is_private_hostname(hostname):
         for info in socket.getaddrinfo(hostname, None):
             ip = ipaddress.ip_address(info[4][0])
             if ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved:
+                logger.warning(f"Hostname '{hostname} - {ip} - ip.is_private = {ip.is_private}, ip.is_loopback = {ip.is_loopback}, ip.is_link_local = {ip.is_link_local}, ip.is_reserved = {ip.is_reserved}")
                 return True
     except socket.gaierror as e:
         logger.warning(f"{hostname} error checking {str(e)}")
         return False
+    logger.info(f"Hostname '{hostname}' is NOT private/IANA restricted.")
     return False
 
+
 def is_safe_valid_url(test_url):
     from changedetectionio import strtobool
     from changedetectionio.jinja2_custom import render as jinja_render
@@ -139,12 +142,4 @@ def is_safe_valid_url(test_url):
         logger.warning(f'URL f"{test_url}" failed validation, aborting.')
         return False
 
-    # Block IANA-restricted (private/reserved) IP addresses unless explicitly allowed.
-    # This is an add-time check; fetch-time re-validation in requests.py handles DNS rebinding.
-    if not strtobool(os.getenv('ALLOW_IANA_RESTRICTED_ADDRESSES', 'false')):
-        parsed = urlparse(test_url)
-        if parsed.hostname and is_private_hostname(parsed.hostname):
-            logger.warning(f'URL "{test_url}" resolves to a private/reserved IP address, aborting.')
-            return False
-
     return True