diff options
author | Yasuhito FUTATSUKI at POEM <futatuki@poem.co.jp> | 2017-06-10 18:43:50 +0900 |
---|---|---|
committer | Yasuhito FUTATSUKI at POEM <futatuki@poem.co.jp> | 2017-06-10 18:43:50 +0900 |
commit | ae4c93087ddb0273f5c5205ef69fed5ae71221d4 (patch) | |
tree | 3b1721b212b41df13eddfcd68a1997861944b33e /Mailman/Cgi/edithtml.py | |
parent | ec87166d9d23a54701af5cc2e4c8f18df399bf14 (diff) | |
parent | 4836d8978d0b42b6a361c6a98962aec185e60023 (diff) | |
download | mailman2-ae4c93087ddb0273f5c5205ef69fed5ae71221d4.tar.gz mailman2-ae4c93087ddb0273f5c5205ef69fed5ae71221d4.tar.xz mailman2-ae4c93087ddb0273f5c5205ef69fed5ae71221d4.zip |
Merge lp:mailman/2.1 up to 1716
Diffstat (limited to '')
-rw-r--r-- | Mailman/Cgi/edithtml.py | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/Mailman/Cgi/edithtml.py b/Mailman/Cgi/edithtml.py index 0628f30b..d3d04a31 100644 --- a/Mailman/Cgi/edithtml.py +++ b/Mailman/Cgi/edithtml.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2016 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2017 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -97,7 +97,7 @@ def main(): # Must be authenticated to get any farther cgidata = cgi.FieldStorage() try: - cgidata.getvalue('adminpw', '') + cgidata.getfirst('adminpw', '') except TypeError: # Someone crafted a POST with a bad Content-Type:. doc.AddItem(Header(2, _("Error"))) @@ -111,18 +111,18 @@ def main(): safe_params = ['VARHELP', 'adminpw', 'admlogin'] params = cgidata.keys() if set(params) - set(safe_params): - csrf_checked = csrf_check(mlist, cgidata.getvalue('csrf_token')) + csrf_checked = csrf_check(mlist, cgidata.getfirst('csrf_token')) else: csrf_checked = True # if password is present, void cookie to force password authentication. - if cgidata.getvalue('adminpw'): + if cgidata.getfirst('adminpw'): os.environ['HTTP_COOKIE'] = '' csrf_checked = True # Editing the html for a list is limited to the list admin and site admin. if not mlist.WebAuthenticate((mm_cfg.AuthListAdmin, mm_cfg.AuthSiteAdmin), - cgidata.getvalue('adminpw', '')): + cgidata.getfirst('adminpw', '')): if cgidata.has_key('admlogin'): # This is a re-authorization attempt msg = Bold(FontSize('+1', _('Authorization failed.'))).Format() |