docs/source/changelog.rst

@@ -2,20 +2,6 @@ Change Log
 ==========
 
 
-Version 1.5.4
--------------
-
-Released 2023/5/18
-
-Security fixes.
-
-* Added safeguard to the next URI utilities, to prevent Cross-Site
-  Scripting (XSS) attacks.
-* Applied the safe next URI utilities to the test site.
-* Added the ``SameSite`` and ``Secure`` flags to the session cookie
-  of the test site.
-
-
 Version 1.5.3
 -------------
 

src/accounting/__init__.py

@@ -24,7 +24,7 @@ from flask_sqlalchemy import SQLAlchemy
 
 from accounting.utils.user import UserUtilityInterface
 
-VERSION: str = "1.5.4"
+VERSION: str = "1.5.3"
 """The package version."""
 db: SQLAlchemy = SQLAlchemy()
 """The database instance."""

tests/test_journal_entry.py

@@ -2153,7 +2153,7 @@ class JournalEntryReorderTestCase(unittest.TestCase):
             self.assertEqual(db.session.get(JournalEntry, id_1).no, 1)
             self.assertEqual(db.session.get(JournalEntry, id_2).no, 3)
             self.assertEqual(db.session.get(JournalEntry, id_3).no, 2)
-            self.assertEqual(   db.session.get(JournalEntry, id_4).no, 1)
+            self.assertEqual(db.session.get(JournalEntry, id_4).no, 1)
             self.assertEqual(db.session.get(JournalEntry, id_5).no, 2)
 
     def test_reorder(self) -> None:
@@ -2181,14 +2181,14 @@ class JournalEntryReorderTestCase(unittest.TestCase):
         response = self.client.post(
             f"{PREFIX}/dates/{date.isoformat()}",
             data={"csrf_token": self.csrf_token,
-                  "next": NEXT_URI,
+                  "next": "/next",
                   f"{id_1}-no": "4",
                   f"{id_2}-no": "1",
                   f"{id_3}-no": "5",
                   f"{id_4}-no": "2",
                   f"{id_5}-no": "3"})
         self.assertEqual(response.status_code, 302)
-        self.assertEqual(response.headers["Location"], NEXT_URI)
+        self.assertEqual(response.headers["Location"], f"/next")
 
         with self.app.app_context():
             self.assertEqual(db.session.get(JournalEntry, id_1).no, 4)
@@ -2209,12 +2209,12 @@ class JournalEntryReorderTestCase(unittest.TestCase):
         response = self.client.post(
             f"{PREFIX}/dates/{date.isoformat()}",
             data={"csrf_token": self.csrf_token,
-                  "next": NEXT_URI,
+                  "next": "/next",
                   f"{id_2}-no": "3a",
                   f"{id_3}-no": "5",
                   f"{id_4}-no": "2"})
         self.assertEqual(response.status_code, 302)
-        self.assertEqual(response.headers["Location"], NEXT_URI)
+        self.assertEqual(response.headers["Location"], f"/next")
 
         with self.app.app_context():
             self.assertEqual(db.session.get(JournalEntry, id_1).no, 3)