author | Mark Sapiro <mark@msapiro.net> | 2017-06-05 20:48:34 -0700 |
---|---|---|
committer | Mark Sapiro <mark@msapiro.net> | 2017-06-05 20:48:34 -0700 |
commit | 0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12 (patch) | |
tree | f7743c3b5fc245e214bc94da3266bd16f9d664e2 /Mailman/Cgi/options.py | |
parent | 845dc52970be426af2a766be4609a8bef2bd1c05 (diff) | |
download | mailman2-0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12.tar.gz mailman2-0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12.tar.xz mailman2-0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12.zip |
Defend against CGI requests with multiple values for the same parameter.
Diffstat (limited to '')
-rw-r--r-- | Mailman/Cgi/options.py | 44 |
1 files changed, 22 insertions, 22 deletions
diff --git a/Mailman/Cgi/options.py b/Mailman/Cgi/options.py index 0bfa510a..d7411f69 100644 --- a/Mailman/Cgi/options.py +++ b/Mailman/Cgi/options.py @@ -122,11 +122,11 @@ def main(): return if set(params) - set(safe_params): - csrf_checked = csrf_check(mlist, cgidata.getvalue('csrf_token')) + csrf_checked = csrf_check(mlist, cgidata.getfirst('csrf_token')) else: csrf_checked = True # if password is present, void cookie to force password authentication. - if cgidata.getvalue('password'): + if cgidata.getfirst('password'): os.environ['HTTP_COOKIE'] = '' csrf_checked = True @@ -134,21 +134,21 @@ def main(): # we might have a 'language' key in the cgi data. That was an explicit # preference to view the page in, so we should honor that here. If that's # not available, use the list's default language. - language = cgidata.getvalue('language') + language = cgidata.getfirst('language') if not Utils.IsLanguage(language): language = mlist.preferred_language i18n.set_language(language) doc.set_language(language) if lenparts < 2: - user = cgidata.getvalue('email') + user = cgidata.getfirst('email') if not user: # If we're coming from the listinfo page and we left the email # address field blank, it's not an error. Likewise if we're # coming from anywhere else. Only issue the error if we came # via one of our buttons. - if (cgidata.getvalue('login') or cgidata.getvalue('login-unsub') - or cgidata.getvalue('login-remind')): + if (cgidata.getfirst('login') or cgidata.getfirst('login-unsub') + or cgidata.getfirst('login-remind')): doc.addError(_('No address given')) loginpage(mlist, doc, None, language) print doc.Format() 
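Review bot: The first converted call in the @@ -122 hunk, `csrf_checked = csrf_check(mlist, cgidata.getfirst('csrf_token'))`, carries no explanation of why getvalue() was unsafe, and nothing in the file will tell the next maintainer not to switch back. I would put the reason above that line once, since every other hunk in this commit makes the same substitution: `# Use getfirst(), not getvalue(): a parameter repeated in the request makes getvalue() return a list, and a list must never reach csrf_check(), the password comparison or os.environ. Single-valued form fields are read with getfirst() throughout this file.` The same reasoning applies to the `cgidata.getfirst('password')` check a few lines down, which voids the cookie and so controls whether password authentication is forced. main() both starts before and continues past this hunk.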
@@ -194,7 +194,7 @@ def main(): # And now we know the user making the request, so set things up to for the # user's stored preferred language, overridden by any form settings for # their new language preference. - userlang = cgidata.getvalue('language') + userlang = cgidata.getfirst('language') if not Utils.IsLanguage(userlang): userlang = mlist.getMemberLanguage(user) doc.set_language(userlang) @@ -279,7 +279,7 @@ def main(): return # Get the password from the form. - password = cgidata.getvalue('password', '').strip() + password = cgidata.getfirst('password', '').strip() # Check authentication. We need to know if the credentials match the user # or the site admin, because they are the only ones who are allowed to # change things globally. Specifically, the list admin may not change @@ -391,18 +391,18 @@ def main(): if cgidata.has_key('change-of-address'): # We could be changing the user's full name, email address, or both. # Watch out for non-ASCII characters in the member's name. - membername = cgidata.getvalue('fullname') + membername = cgidata.getfirst('fullname') # Canonicalize the member's name membername = Utils.canonstr(membername, language) - newaddr = cgidata.getvalue('new-address') - confirmaddr = cgidata.getvalue('confirm-address') + newaddr = cgidata.getfirst('new-address') + confirmaddr = cgidata.getfirst('confirm-address') oldname = mlist.getMemberName(user) set_address = set_membername = 0 # See if the user wants to change their email address globally. The # list admin is /not/ allowed to make global changes. - globally = cgidata.getvalue('changeaddr-globally') + globally = cgidata.getfirst('changeaddr-globally') if globally and not is_user_or_siteadmin: doc.addError(_("""The list administrator may not change the names or addresses for this user's other subscriptions. However, the 
@@ -515,8 +515,8 @@ address. Upon confirmation, any other mailing list containing the address options_page(mlist, doc, user, cpuser, userlang) print doc.Format() return - newpw = cgidata.getvalue('newpw', '').strip() - confirmpw = cgidata.getvalue('confpw', '').strip() + newpw = cgidata.getfirst('newpw', '').strip() + confirmpw = cgidata.getfirst('confpw', '').strip() if not newpw or not confirmpw: options_page(mlist, doc, user, cpuser, userlang, _('Passwords may not be blank')) @@ -530,7 +530,7 @@ address. Upon confirmation, any other mailing list containing the address # See if the user wants to change their passwords globally, however # the list admin is /not/ allowed to change passwords globally. - pw_globally = cgidata.getvalue('pw-globally') + pw_globally = cgidata.getfirst('pw-globally') if pw_globally and not is_user_or_siteadmin: doc.addError(_("""The list administrator may not change the password for this user's other subscriptions. However, the @@ -555,7 +555,7 @@ address. Upon confirmation, any other mailing list containing the address if cgidata.has_key('unsub'): # Was the confirming check box turned on? - if not cgidata.getvalue('unsubconfirm'): + if not cgidata.getfirst('unsubconfirm'): options_page( mlist, doc, user, cpuser, userlang, _('''You must confirm your unsubscription request by turning @@ -635,7 +635,7 @@ address. Upon confirmation, any other mailing list containing the address ('nodupes', mm_cfg.DontReceiveDuplicates), ): try: - newval = int(cgidata.getvalue(item)) + newval = int(cgidata.getfirst(item)) except (TypeError, ValueError): newval = None 
@@ -671,7 +671,7 @@ address. Upon confirmation, any other mailing list containing the address # Process user selected topics, but don't make the changes to the # MailList object; we must do that down below when the list is # locked. - topicnames = cgidata.getvalue('usertopic') + topicnames = cgidata.getfirst('usertopic') if topicnames: # Some topics were selected. topicnames can actually be a string # or a list of strings depending on whether more than one topic @@ -725,7 +725,7 @@ address. Upon confirmation, any other mailing list containing the address # The enable/disable option and the password remind option may have # their global flags sets. - if cgidata.getvalue('deliver-globally'): + if cgidata.getfirst('deliver-globally'): # Yes, this is inefficient, but the list is so small it shouldn't # make much of a difference. for flag, newval in newvals: @@ -733,19 +733,19 @@ address. Upon confirmation, any other mailing list containing the address globalopts.enable = newval break - if cgidata.getvalue('remind-globally'): + if cgidata.getfirst('remind-globally'): for flag, newval in newvals: if flag == mm_cfg.SuppressPasswordReminder: globalopts.remind = newval break - if cgidata.getvalue('nodupes-globally'): + if cgidata.getfirst('nodupes-globally'): for flag, newval in newvals: if flag == mm_cfg.DontReceiveDuplicates: globalopts.nodupes = newval break - if cgidata.getvalue('mime-globally'): + if cgidata.getfirst('mime-globally'): for flag, newval in newvals: if flag == mm_cfg.DisableMime: globalopts.mime = newval |
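Review bot: In the @@ -671 hunk, `topicnames = cgidata.getfirst('usertopic')` keeps only the first selected topic, while the comment directly below it still says topicnames "can actually be a string or a list of strings depending on whether more than one topic" was selected — for this field the multi-valued case is the legitimate input, not the attack shape the commit is defending against, and the normalizing code that comment introduces (outside the hunk) presumably still expects a list. I would keep `topicnames = cgidata.getvalue('usertopic')` for this one parameter and extend the existing comment with a line such as `# usertopic is intentionally multi-valued; do not replace getvalue() with getfirst() here.` so that a later sweep for getvalue() does not reintroduce the regression. The other hunks on this line (@@ -725 and @@ -733) read single-valued checkboxes and are fine with getfirst(). main() continues past the end of the hunk.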