ghost 6.37.1 → 6.38.0

package/core/server/services/gifts/email-templates/gift-purchase-confirmation.js

@@ -2,18 +2,16 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.renderText = renderText;
 function renderText(data) {
-    return `Your gift is ready to share!
+    return `Your gift is ready
 
-Thank you for supporting ${data.siteTitle}. Send the link below to share your gift with whoever you'd like.
+Thanks for supporting ${data.siteTitle}. Share the link below to give someone access to ${data.gift.tierName} membership for ${data.gift.cadenceLabel}.
 
-Gift subscription: ${data.gift.tierName} • ${data.gift.cadenceLabel}
+${data.gift.link}
 
-Gift link: ${data.gift.link}
+The link can be redeemed once and expires on ${data.gift.expiresAt}.
 
-This link expires on ${data.gift.expiresAt} and can be redeemed once by anyone who isn't already a paid member of ${data.siteTitle}.
+Happy gifting.
 
 ---
-
-Sent to ${data.toEmail} from ${data.siteDomain}.
-You received this email because you purchased a gift subscription on ${data.siteTitle}.`;
+This message was sent from ${data.siteDomain} to ${data.toEmail}.`;
 }

package/core/server/services/gifts/email-templates/gift-purchase-confirmation.ts

@@ -11,18 +11,16 @@ export interface GiftPurchaseConfirmationData {
 }
 
 export function renderText(data: GiftPurchaseConfirmationData): string {
-    return `Your gift is ready to share!
+    return `Your gift is ready
 
-Thank you for supporting ${data.siteTitle}. Send the link below to share your gift with whoever you'd like.
+Thanks for supporting ${data.siteTitle}. Share the link below to give someone access to ${data.gift.tierName} membership for ${data.gift.cadenceLabel}.
 
-Gift subscription: ${data.gift.tierName} • ${data.gift.cadenceLabel}
+${data.gift.link}
 
-Gift link: ${data.gift.link}
+The link can be redeemed once and expires on ${data.gift.expiresAt}.
 
-This link expires on ${data.gift.expiresAt} and can be redeemed once by anyone who isn't already a paid member of ${data.siteTitle}.
+Happy gifting.
 
 ---
-
-Sent to ${data.toEmail} from ${data.siteDomain}.
-You received this email because you purchased a gift subscription on ${data.siteTitle}.`;
+This message was sent from ${data.siteDomain} to ${data.toEmail}.`;
 }

package/core/server/services/gifts/email-templates/gift-reminder.hbs

@@ -6,14 +6,13 @@
     <title>Your gift subscription is ending soon</title>
     <style>
       @media only screen and (max-width: 620px) {
-        table.body h1 { font-size: 22px !important; padding-bottom: 16px !important; }
         table.body p, table.body td, table.body a { font-size: 16px !important; }
         table.body .wrapper { padding: 10px !important; }
         table.body .content { padding: 0 !important; }
         table.body .container { padding: 0 !important; width: 100% !important; }
         table.body .main { border-radius: 0 !important; }
-        table.body p.large, table.body p.large a { font-size: 18px !important; }
-        table.body p.small, table.body a.small { font-size: 12px !important; }
+        table.body .btn a { width: 100% !important; }
+        table.body p.small, table.body a.small { font-size: 11px !important; }
       }
     </style>
   </head>
@@ -39,37 +38,18 @@
                     {{/if}}
                     <tr>
                       <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 14px; vertical-align: top;">
-                        <h1 style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 26px; color: #15212A; font-weight: bold; line-height: 28px; margin: 0; padding-bottom: 12px;">Your gift subscription is ending&nbsp;soon</h1>
-                        <p style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 16px; color: #3A464C; font-weight: normal; margin: 0; padding-bottom: 24px;">Your gift subscription to {{siteTitle}} ends on {{gift.consumesAt}}. Continue with a paid subscription to keep reading.</p>
-                        <table width="100%" border="0" cellpadding="0" cellspacing="0" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; table-layout: fixed; width: 100%; min-width: 100%; box-sizing: border-box; background: #F4F5F6; border-radius: 8px;">
+                        <p style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 16px; color: #15212A; font-weight: normal; line-height: 24px; margin: 0; padding-bottom: 24px;">Hey there,</p>
+                        <p style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 16px; color: #3A464C; font-weight: normal; line-height: 24px; margin: 0; padding-bottom: 24px;">Your gift subscription expires on <strong>{{gift.consumesAt}}</strong>.</p>
+                        <p style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 16px; color: #3A464C; font-weight: normal; line-height: 24px; margin: 0; padding-bottom: 32px;">If you've been enjoying {{siteTitle}}, continue your membership for {{gift.priceAfter}} to keep full access to every post and newsletter.</p>
+                        <table border="0" cellpadding="0" cellspacing="0" class="btn btn-primary" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; box-sizing: border-box;">
                           <tbody>
                             <tr>
-                              <td align="left" style="padding: 24px;">
-                                <table border="0" cellpadding="0" cellspacing="0">
-                                  <tr>
-                                    <td style="padding-right: 8px; background-color: #F4F5F6; text-align: left; vertical-align: middle;" valign="middle">
-                                      <p style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 15px; margin: 0; padding-bottom: 4px; color: #15171A; font-weight: 700;">Gift subscription</p>
-                                      <p class="large" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; margin: 0; padding-bottom: 24px; color: #15171A; font-weight: 400;">{{gift.tierName}}</p>
-                                      <p style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 15px; margin: 0; padding-bottom: 4px; color: #15171A; font-weight: 700;">Ends on</p>
-                                      <p class="large" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; margin: 0; padding-bottom: 24px; color: #15171A; font-weight: 400;">{{gift.consumesAt}}</p>
-                                      <p style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 15px; margin: 0; padding-bottom: 4px; color: #15171A; font-weight: 700;">Price after gift ends</p>
-                                      <p class="large" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 18px; margin: 0; padding-bottom: 0; color: #15171A; font-weight: 400;">{{gift.priceAfter}}</p>
-                                    </td>
-                                  </tr>
-                                </table>
-                                <table border="0" cellpadding="0" cellspacing="0" class="btn btn-primary" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 100%; box-sizing: border-box; padding-top: 24px;">
+                              <td align="left" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 16px; vertical-align: top;">
+                                <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: auto;">
                                   <tbody>
                                     <tr>
-                                      <td align="left" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 16px; vertical-align: top;">
-                                        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: auto;">
-                                          <tbody>
-                                            <tr>
-                                              <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 15px; vertical-align: top; background-color: {{accentColor}}; border-radius: 8px; text-align: center;">
-                                                <a href="{{gift.manageSubscriptionUrl}}" target="_blank" style="display: inline-block; color: #ffffff; background-color: {{accentColor}}; border: solid 1px {{accentColor}}; border-radius: 8px; padding: 10px 20px; text-decoration: none;">Continue subscription</a>
-                                              </td>
-                                            </tr>
-                                          </tbody>
-                                        </table>
+                                      <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 16px; vertical-align: top; background-color: {{accentColor}}; border-radius: 6px; text-align: center;">
+                                        <a href="{{gift.manageSubscriptionUrl}}" target="_blank" style="display: inline-block; color: #ffffff; background-color: {{accentColor}}; border: solid 1px {{accentColor}}; border-radius: 6px; box-sizing: border-box; cursor: pointer; text-decoration: none; font-size: 16px; font-weight: 600; margin: 0; padding: 12px 22px; border-color: {{accentColor}};">Continue membership</a>
                                       </td>
                                     </tr>
                                   </tbody>
@@ -83,13 +63,8 @@
 
                     <!-- START FOOTER -->
                     <tr>
-                      <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 12px; vertical-align: top; padding-top: 56px;">
-                        <p class="small" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 18px; font-size: 12px; color: #7C8B9A; font-weight: normal; margin: 0;">This message was sent from <a class="small" href="{{siteUrl}}" style="text-decoration: underline; color: #7C8B9A; font-size: 12px;">{{siteDomain}}</a> to <a class="small" href="mailto:{{memberEmail}}" style="text-decoration: underline; color: #7C8B9A; font-size: 12px;">{{memberEmail}}</a></p>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 12px; vertical-align: top;">
-                        <p class="small" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 18px; font-size: 12px; color: #7C8B9A; font-weight: normal; margin: 0;">You received this email because your gift subscription to <a class="small" href="{{siteUrl}}" style="text-decoration: underline; color: #7C8B9A; font-size: 12px;">{{siteTitle}}</a> is ending soon.</p>
+                      <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 14px; vertical-align: top; padding-top: 80px;">
+                        <p class="small" style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; line-height: 16px; font-size: 11px; color: #738A94; font-weight: normal; margin: 0;">This message was sent from <a class="small" href="{{siteUrl}}" style="text-decoration: underline; color: #738A94; font-size: 11px;">{{siteDomain}}</a> to <a class="small" href="mailto:{{memberEmail}}" style="text-decoration: underline; color: #738A94; font-size: 11px;">{{memberEmail}}</a>.</p>
                       </td>
                     </tr>
 

package/core/server/services/gifts/email-templates/gift-reminder.js

@@ -2,19 +2,15 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.renderText = renderText;
 function renderText(data) {
-    return `Your gift subscription is ending soon
+    return `Hey there,
 
-Your gift subscription to ${data.siteTitle} ends on ${data.gift.consumesAt}. Continue with a paid subscription to keep reading.
+Your gift subscription expires on ${data.gift.consumesAt}.
 
-Gift subscription: ${data.gift.tierName}
-Ends on: ${data.gift.consumesAt}
-Price after gift ends: ${data.gift.priceAfter}
+If you've been enjoying ${data.siteTitle}, continue your membership for ${data.gift.priceAfter} to keep full access to every post and newsletter.
 
-Continue subscription:
+Continue membership:
 ${data.gift.manageSubscriptionUrl}
 
 ---
-
-Sent to ${data.memberEmail} from ${data.siteDomain}.
-You received this email because your gift subscription to ${data.siteTitle} is ending soon.`;
+This message was sent from ${data.siteDomain} to ${data.memberEmail}.`;
 }

package/core/server/services/gifts/email-templates/gift-reminder.ts

@@ -14,19 +14,15 @@ export interface GiftReminderData {
 }
 
 export function renderText(data: GiftReminderData): string {
-    return `Your gift subscription is ending soon
+    return `Hey there,
 
-Your gift subscription to ${data.siteTitle} ends on ${data.gift.consumesAt}. Continue with a paid subscription to keep reading.
+Your gift subscription expires on ${data.gift.consumesAt}.
 
-Gift subscription: ${data.gift.tierName}
-Ends on: ${data.gift.consumesAt}
-Price after gift ends: ${data.gift.priceAfter}
+If you've been enjoying ${data.siteTitle}, continue your membership for ${data.gift.priceAfter} to keep full access to every post and newsletter.
 
-Continue subscription:
+Continue membership:
 ${data.gift.manageSubscriptionUrl}
 
 ---
-
-Sent to ${data.memberEmail} from ${data.siteDomain}.
-You received this email because your gift subscription to ${data.siteTitle} is ending soon.`;
+This message was sent from ${data.siteDomain} to ${data.memberEmail}.`;
 }

package/core/server/services/gifts/gift-service.js

@@ -74,7 +74,7 @@ class GiftService {
             throw new errors_1.default.NotFoundError({ message: `Tier not found: ${data.tierId}` });
         }
         try {
-            await this.deps.staffServiceEmails.notifyGiftReceived({
+            await this.deps.staffServiceEmails.notifyGiftPurchased({
                 name: member?.get('name') ?? null,
                 email: member?.get('email') ?? data.buyerEmail,
                 memberId: member?.id ?? null,

package/core/server/services/gifts/gift-service.ts

@@ -80,7 +80,7 @@ interface GiftEmailService {
 }
 
 interface StaffServiceEmails {
-    notifyGiftReceived(data: {
+    notifyGiftPurchased(data: {
         name: string | null;
         email: string;
         memberId: string | null;
@@ -208,7 +208,7 @@ export class GiftService {
         }
 
         try {
-            await this.deps.staffServiceEmails.notifyGiftReceived({
+            await this.deps.staffServiceEmails.notifyGiftPurchased({
                 name: member?.get('name') ?? null,
                 email: member?.get('email') ?? data.buyerEmail,
                 memberId: member?.id ?? null,

package/core/server/services/member-welcome-emails/service.js

@@ -9,7 +9,6 @@ const emailAddressService = require('../email-address');
 const settingsHelpers = require('../settings-helpers');
 const EmailAddressParser = require('../email-address/email-address-parser');
 const mail = require('../mail');
-// @ts-expect-error type checker has trouble with the dynamic exporting in models
 const {WelcomeEmailAutomation, WelcomeEmailAutomatedEmail, Newsletter} = require('../../models');
 const MemberWelcomeEmailRenderer = require('./member-welcome-email-renderer');
 const {MEMBER_WELCOME_EMAIL_LOG_KEY, MEMBER_WELCOME_EMAIL_TAG, MEMBER_WELCOME_EMAIL_SLUGS, MESSAGES} = require('./constants');

package/core/server/services/members/members-api/controllers/router-controller.js

@@ -65,6 +65,45 @@ function extractGiftToken(input) {
     return input.trim();
 }
 
+/**
+ * Validate that a candidate return URL (e.g. Stripe Checkout success/cancel URL) points back
+ * to the configured Ghost site. Returns `undefined` when the candidate is missing, malformed,
+ * on a different origin, or outside of the site's subpath (for subpath installs) — leaving
+ * the downstream Stripe service to fall back to its configured default URL.
+ *
+ * This prevents the public checkout endpoints being abused as open-redirect surfaces.
+ *
+ * @param {string | undefined} candidate - URL provided in the request body
+ * @param {string} siteUrl - The site URL returned by urlUtils.getSiteUrl()
+ * @returns {string | undefined} The candidate URL if same-origin, otherwise undefined
+ */
+function sanitizeReturnUrl(candidate, siteUrl) {
+    if (typeof candidate !== 'string' || candidate.length === 0) {
+        return undefined;
+    }
+
+    let site;
+    let url;
+
+    try {
+        site = new URL(siteUrl);
+        url = new URL(candidate);
+    } catch {
+        return undefined;
+    }
+
+    if (url.origin !== site.origin) {
+        return undefined;
+    }
+
+    // Normalize site/candidate paths to trailing-slash form so that /blog and /blog/
+    // are treated equivalently when the site is configured at a subpath.
+    const sitePath = site.pathname.endsWith('/') ? site.pathname : `${site.pathname}/`;
+    const urlPath = url.pathname.endsWith('/') ? url.pathname : `${url.pathname}/`;
+
+    return urlPath.startsWith(sitePath) ? url.href : undefined;
+}
+
 module.exports = class RouterController {
     #inboxLinksDnsResolver = new dns.Resolver({maxTimeout: 1000});
 
@@ -202,9 +241,10 @@ module.exports = class RouterController {
             customer = await this._stripeAPIService.getCustomer(subscription.get('customer_id'));
         }
 
+        const siteUrl = this._urlUtils.getSiteUrl();
         const session = await this._stripeAPIService.createCheckoutSetupSession(customer, {
-            successUrl: req.body.successUrl,
-            cancelUrl: req.body.cancelUrl,
+            successUrl: sanitizeReturnUrl(req.body.successUrl, siteUrl),
+            cancelUrl: sanitizeReturnUrl(req.body.cancelUrl, siteUrl),
             subscription_id: req.body.subscription_id,
             currency
         });
@@ -267,8 +307,9 @@ module.exports = class RouterController {
 
         const configurationId = this._settingsCache.get('stripe_billing_portal_configuration_id');
 
+        const siteUrl = this._urlUtils.getSiteUrl();
         const session = await this._stripeAPIService.createBillingPortalSession(customer, {
-            returnUrl: req.body.returnUrl,
+            returnUrl: sanitizeReturnUrl(req.body.returnUrl, siteUrl),
             ...(configurationId && {configurationId})
         });
         const sessionInfo = {
@@ -694,10 +735,14 @@ module.exports = class RouterController {
             metadata.newsletters = JSON.stringify(await this._validateNewsletters(JSON.parse(metadata.newsletters)));
         }
 
+        const siteUrl = this._urlUtils.getSiteUrl();
+        const successUrl = sanitizeReturnUrl(req.body.successUrl, siteUrl);
+        const cancelUrl = sanitizeReturnUrl(req.body.cancelUrl, siteUrl);
+
         // Build options
         const options = {
-            successUrl: req.body.successUrl,
-            cancelUrl: req.body.cancelUrl,
+            successUrl,
+            cancelUrl,
             email: req.body.customerEmail,
             member,
             metadata,
@@ -788,8 +833,8 @@ module.exports = class RouterController {
                 ...options,
                 ...data,
                 duration: 1, // gifts are currently 1 month or 1 year only
-                successUrl: this._urlUtils.getSiteUrl(),
-                cancelUrl: this._urlUtils.getSiteUrl()
+                successUrl: siteUrl,
+                cancelUrl: options.cancelUrl || siteUrl
             });
         }
 

package/core/server/services/members/members-api/services/member-bread-service.js

@@ -349,10 +349,6 @@ module.exports = class MemberBREADService {
             withRelated.add('productEvents');
         }
 
-        if (withRelated.has('email_recipients')) {
-            withRelated.add('email_recipients.email');
-        }
-
         const model = await this.memberRepository.get(data, {
             ...options,
             withRelated: Array.from(withRelated)
@@ -610,10 +606,6 @@ module.exports = class MemberBREADService {
             withRelated.add('productEvents');
         }
 
-        if (withRelated.has('email_recipients')) {
-            withRelated.add('email_recipients.email');
-        }
-
         //option param to skip distinct from count query, distinct adds a lot of latency and in this case the result set will always be unique.
         options.useBasicCount = true;
 

package/core/server/services/route-settings/route-settings.js

@@ -95,10 +95,20 @@ class RouteSettings {
         await this.createBackupFile(this.settingsPath, this.backupPath);
         await this.saveFile(filePath, this.settingsPath);
 
-        urlService.resetGenerators({releaseResourcesOnly: true});
+        const isLazy = urlService.facade.isLazy();
+        const resetUrlState = () => {
+            if (isLazy) {
+                // Drop registered router configs; reloadFrontend re-registers them.
+                urlService.facade.reset();
+            } else {
+                urlService.resetGenerators({releaseResourcesOnly: true});
+            }
+        };
+
+        resetUrlState();
 
         const bringBackValidRoutes = async () => {
-            urlService.resetGenerators({releaseResourcesOnly: true});
+            resetUrlState();
 
             await this.restoreBackupFile(this.settingsPath, this.backupPath);
 
@@ -114,6 +124,12 @@ class RouteSettings {
                 });
         }
 
+        // The lazy URL service has nothing to precompute, so the readiness
+        // poll below is unnecessary; hasFinished() returns true immediately.
+        if (isLazy) {
+            return;
+        }
+
         // @TODO: how can we get rid of this from here?
         let tries = 0;
 

package/core/server/services/staff/email-templates/gift.hbs

@@ -28,7 +28,7 @@
                     {{/if}}
                     <tr>
                       <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 14px; vertical-align: top;">
-                        <h1 style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 26px; color: #15212A; font-weight: bold; line-height: 28px; margin: 0; padding-bottom: 24px;">Someone purchased a gift&nbsp;subscription</h1>
+                        <h1 style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 26px; color: #15212A; font-weight: bold; line-height: 28px; margin: 0; padding-bottom: 24px;">A gift subscription was&nbsp;purchased</h1>
                         <table width="100" border="0" cellpadding="0" cellspacing="0" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; table-layout: fixed; width: 100%; min-width: 100%; box-sizing: border-box; background: #F4F5F6; border-radius: 8px;">
                           <tbody>
                             <tr>

package/core/server/services/staff/email-templates/gift.txt.js

@@ -1,7 +1,7 @@
 module.exports = function giftText(data) {
     // Be careful when you indent the email, because whitespaces are visible in emails!
     return `
-Someone purchased a gift subscription
+A gift subscription was purchased
 
 From: ${data.gift.name}
 Tier: ${data.gift.tierName} • ${data.gift.cadenceLabel}

package/core/server/services/staff/email-templates/new-gift-subscription.hbs

@@ -33,7 +33,7 @@
                     {{/if}}
                     <tr>
                       <td style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 14px; vertical-align: top;">
-                        <h1 style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 26px; color: #15212A; font-weight: bold; line-height: 28px; margin: 0; padding-bottom: 24px;">Someone redeemed a gift&nbsp;subscription</h1>
+                        <h1 style="font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji', 'Segoe UI Symbol'; font-size: 26px; color: #15212A; font-weight: bold; line-height: 28px; margin: 0; padding-bottom: 24px;">A gift subscription was&nbsp;redeemed</h1>
                         <table width="100" border="0" cellpadding="0" cellspacing="0" style="border-collapse: separate; mso-table-lspace: 0pt; mso-table-rspace: 0pt; table-layout: fixed; width: 100%; min-width: 100%; box-sizing: border-box; background: #F4F5F6; border-radius: 8px;">
                           <tbody>
                             <tr>

package/core/server/services/staff/email-templates/new-gift-subscription.txt.js

@@ -1,7 +1,7 @@
 module.exports = function (data) {
     // Be careful when you indent the email, because whitespaces are visible in emails!
     return `
-Someone redeemed a gift subscription
+A gift subscription was redeemed
 
 Member: ${data.memberData.name}
 Tier: ${data.tierData.name}${data.tierData.details ? ` • ${data.tierData.details}` : ''}

package/core/server/services/staff/staff-service-emails.js

@@ -317,7 +317,7 @@ class StaffServiceEmails {
      *
      * @returns {Promise<void>}
      */
-    async notifyGiftReceived({name, email, memberId, amount, currency, tierName, cadence, duration}) {
+    async notifyGiftPurchased({name, email, memberId, amount, currency, tierName, cadence, duration}) {
         const users = await this.models.User.getEmailAlertUsers('gift-subscriptions');
         const formattedAmount = this.getFormattedAmount({currency, amount: amount / 100});
 

package/core/server/services/url/index.js

@@ -2,6 +2,7 @@ const config = require('../../../shared/config');
 const LocalFileCache = require('./local-file-cache');
 const UrlService = require('./url-service');
 const UrlServiceFacade = require('./url-service-facade');
+const LazyUrlService = require('./lazy-url-service');
 
 // NOTE: instead of a path we could give UrlService a "data-resolver" of some sort
 //       so it doesn't have to contain the logic to read data at all. This would be
@@ -22,7 +23,21 @@ if (process.env.NODE_ENV.startsWith('test')){
 
 const cache = new LocalFileCache({storagePath, writeDisabled});
 const urlService = new UrlService({cache});
-const urlServiceFacade = new UrlServiceFacade({urlService});
+
+// LazyUrlService is only attached to the facade when the lazyRouting flag is
+// on. The eager UrlService stays in the require graph either way so test code
+// and partially-migrated callers continue to work. The model layer is only
+// pulled in when the flag is on so flag-off boot keeps its existing
+// require-graph shape.
+let lazyUrlService = null;
+if (config.get('lazyRouting')) {
+    const models = require('../../models');
+    const {createFindResource} = require('./lazy-find-resource');
+
+    lazyUrlService = new LazyUrlService({findResource: createFindResource(models)});
+}
+
+const urlServiceFacade = new UrlServiceFacade({urlService, lazyUrlService});
 
 // Singleton: default export remains the eager UrlService for backwards
 // compatibility with existing imports. The new facade is exposed alongside

package/core/server/services/url/lazy-find-resource.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createFindResource = createFindResource;
+/**
+ * Builds the on-demand DB lookup hook used by LazyUrlService.resolveUrl.
+ *
+ * The eager UrlService only registers URLs for resources matching the
+ * resourceConfig filter (status:published, public visibility). Mirror that
+ * here so reverse lookups can't return drafts / private resources even though
+ * we now hit the DB on demand. We also disambiguate posts vs pages — both
+ * share `models.Post` and a permalink template like `/:slug/` could otherwise
+ * return either record.
+ *
+ * For tags and authors we use the public-facing scoped models (TagPublic,
+ * Author) which carry the shouldHavePosts gate, so reverse lookups can't
+ * return tags/users with no published posts (and in particular can't expose
+ * staff User accounts via a guessed slug).
+ */
+function createFindResource(models) {
+    const loadOne = async (Model, query, options = {}) => {
+        const result = await Model.findOne(query, { require: false, ...options });
+        return result ? result.toJSON() : null;
+    };
+    // Posts and pages need their tags/authors relations loaded so NQL
+    // filters like `tag:news` / `author:jane` can be evaluated against the
+    // returned record (LazyUrlService re-checks the route's filter after
+    // the DB lookup). Without these, every tag- or author-filtered route
+    // would silently 404.
+    const POSTLIKE_RELATIONS = ['tags', 'authors'];
+    const loadPostlike = (Model, query, dbType) => {
+        return loadOne(Model, { ...query, type: dbType, status: 'published' }, { withRelated: POSTLIKE_RELATIONS });
+    };
+    return (type, query) => {
+        if (type === 'posts') {
+            return loadPostlike(models.Post, query, 'post');
+        }
+        if (type === 'pages') {
+            return loadPostlike(models.Post, query, 'page');
+        }
+        if (type === 'tags') {
+            return loadOne(models.TagPublic, { ...query, visibility: 'public' });
+        }
+        if (type === 'authors') {
+            return loadOne(models.Author, { ...query, visibility: 'public' });
+        }
+        return Promise.resolve(null);
+    };
+}
+module.exports = { createFindResource };

package/core/server/services/url/lazy-find-resource.ts

@@ -0,0 +1,62 @@
+import type {FindResource} from './lazy-url-service';
+
+interface BookshelfModel {
+    findOne(query: Record<string, unknown>, options?: Record<string, unknown>): Promise<{toJSON(): Record<string, unknown>} | null>;
+}
+
+interface Models {
+    Post: BookshelfModel;
+    TagPublic: BookshelfModel;
+    Author: BookshelfModel;
+}
+
+/**
+ * Builds the on-demand DB lookup hook used by LazyUrlService.resolveUrl.
+ *
+ * The eager UrlService only registers URLs for resources matching the
+ * resourceConfig filter (status:published, public visibility). Mirror that
+ * here so reverse lookups can't return drafts / private resources even though
+ * we now hit the DB on demand. We also disambiguate posts vs pages — both
+ * share `models.Post` and a permalink template like `/:slug/` could otherwise
+ * return either record.
+ *
+ * For tags and authors we use the public-facing scoped models (TagPublic,
+ * Author) which carry the shouldHavePosts gate, so reverse lookups can't
+ * return tags/users with no published posts (and in particular can't expose
+ * staff User accounts via a guessed slug).
+ */
+export function createFindResource(models: Models): FindResource {
+    const loadOne = async (Model: BookshelfModel, query: Record<string, unknown>, options: Record<string, unknown> = {}) => {
+        const result = await Model.findOne(query, {require: false, ...options});
+        return result ? result.toJSON() : null;
+    };
+
+    // Posts and pages need their tags/authors relations loaded so NQL
+    // filters like `tag:news` / `author:jane` can be evaluated against the
+    // returned record (LazyUrlService re-checks the route's filter after
+    // the DB lookup). Without these, every tag- or author-filtered route
+    // would silently 404.
+    const POSTLIKE_RELATIONS = ['tags', 'authors'];
+
+    const loadPostlike = (Model: BookshelfModel, query: Record<string, unknown>, dbType: string) => {
+        return loadOne(Model, {...query, type: dbType, status: 'published'}, {withRelated: POSTLIKE_RELATIONS});
+    };
+
+    return (type: string, query: Record<string, string>) => {
+        if (type === 'posts') {
+            return loadPostlike(models.Post, query, 'post');
+        }
+        if (type === 'pages') {
+            return loadPostlike(models.Post, query, 'page');
+        }
+        if (type === 'tags') {
+            return loadOne(models.TagPublic, {...query, visibility: 'public'});
+        }
+        if (type === 'authors') {
+            return loadOne(models.Author, {...query, visibility: 'public'});
+        }
+        return Promise.resolve(null);
+    };
+}
+
+module.exports = {createFindResource};