aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Cgi/options.py
diff options
context:
space:
mode:
authorMark Sapiro <mark@msapiro.net>2017-06-05 20:48:34 -0700
committerMark Sapiro <mark@msapiro.net>2017-06-05 20:48:34 -0700
commit0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12 (patch)
treef7743c3b5fc245e214bc94da3266bd16f9d664e2 /Mailman/Cgi/options.py
parent845dc52970be426af2a766be4609a8bef2bd1c05 (diff)
downloadmailman2-0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12.tar.gz
mailman2-0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12.tar.xz
mailman2-0d11dc90ee6fc9cc61d32ca3ea6819ca95ac1c12.zip
Defend against CGI requests with multiple values for the same parameter.
Diffstat (limited to '')
-rw-r--r--Mailman/Cgi/options.py44
1 files changed, 22 insertions, 22 deletions
diff --git a/Mailman/Cgi/options.py b/Mailman/Cgi/options.py
index 0bfa510a..d7411f69 100644
--- a/Mailman/Cgi/options.py
+++ b/Mailman/Cgi/options.py
@@ -122,11 +122,11 @@ def main():
return
if set(params) - set(safe_params):
- csrf_checked = csrf_check(mlist, cgidata.getvalue('csrf_token'))
+ csrf_checked = csrf_check(mlist, cgidata.getfirst('csrf_token'))
else:
csrf_checked = True
# if password is present, void cookie to force password authentication.
- if cgidata.getvalue('password'):
+ if cgidata.getfirst('password'):
os.environ['HTTP_COOKIE'] = ''
csrf_checked = True
@@ -134,21 +134,21 @@ def main():
# we might have a 'language' key in the cgi data. That was an explicit
# preference to view the page in, so we should honor that here. If that's
# not available, use the list's default language.
- language = cgidata.getvalue('language')
+ language = cgidata.getfirst('language')
if not Utils.IsLanguage(language):
language = mlist.preferred_language
i18n.set_language(language)
doc.set_language(language)
if lenparts < 2:
- user = cgidata.getvalue('email')
+ user = cgidata.getfirst('email')
if not user:
# If we're coming from the listinfo page and we left the email
# address field blank, it's not an error. Likewise if we're
# coming from anywhere else. Only issue the error if we came
# via one of our buttons.
- if (cgidata.getvalue('login') or cgidata.getvalue('login-unsub')
- or cgidata.getvalue('login-remind')):
+ if (cgidata.getfirst('login') or cgidata.getfirst('login-unsub')
+ or cgidata.getfirst('login-remind')):
doc.addError(_('No address given'))
loginpage(mlist, doc, None, language)
print doc.Format()
@@ -194,7 +194,7 @@ def main():
# And now we know the user making the request, so set things up to for the
# user's stored preferred language, overridden by any form settings for
# their new language preference.
- userlang = cgidata.getvalue('language')
+ userlang = cgidata.getfirst('language')
if not Utils.IsLanguage(userlang):
userlang = mlist.getMemberLanguage(user)
doc.set_language(userlang)
@@ -279,7 +279,7 @@ def main():
return
# Get the password from the form.
- password = cgidata.getvalue('password', '').strip()
+ password = cgidata.getfirst('password', '').strip()
# Check authentication. We need to know if the credentials match the user
# or the site admin, because they are the only ones who are allowed to
# change things globally. Specifically, the list admin may not change
@@ -391,18 +391,18 @@ def main():
if cgidata.has_key('change-of-address'):
# We could be changing the user's full name, email address, or both.
# Watch out for non-ASCII characters in the member's name.
- membername = cgidata.getvalue('fullname')
+ membername = cgidata.getfirst('fullname')
# Canonicalize the member's name
membername = Utils.canonstr(membername, language)
- newaddr = cgidata.getvalue('new-address')
- confirmaddr = cgidata.getvalue('confirm-address')
+ newaddr = cgidata.getfirst('new-address')
+ confirmaddr = cgidata.getfirst('confirm-address')
oldname = mlist.getMemberName(user)
set_address = set_membername = 0
# See if the user wants to change their email address globally. The
# list admin is /not/ allowed to make global changes.
- globally = cgidata.getvalue('changeaddr-globally')
+ globally = cgidata.getfirst('changeaddr-globally')
if globally and not is_user_or_siteadmin:
doc.addError(_("""The list administrator may not change the names
or addresses for this user's other subscriptions. However, the
@@ -515,8 +515,8 @@ address. Upon confirmation, any other mailing list containing the address
options_page(mlist, doc, user, cpuser, userlang)
print doc.Format()
return
- newpw = cgidata.getvalue('newpw', '').strip()
- confirmpw = cgidata.getvalue('confpw', '').strip()
+ newpw = cgidata.getfirst('newpw', '').strip()
+ confirmpw = cgidata.getfirst('confpw', '').strip()
if not newpw or not confirmpw:
options_page(mlist, doc, user, cpuser, userlang,
_('Passwords may not be blank'))
@@ -530,7 +530,7 @@ address. Upon confirmation, any other mailing list containing the address
# See if the user wants to change their passwords globally, however
# the list admin is /not/ allowed to change passwords globally.
- pw_globally = cgidata.getvalue('pw-globally')
+ pw_globally = cgidata.getfirst('pw-globally')
if pw_globally and not is_user_or_siteadmin:
doc.addError(_("""The list administrator may not change the
password for this user's other subscriptions. However, the
@@ -555,7 +555,7 @@ address. Upon confirmation, any other mailing list containing the address
if cgidata.has_key('unsub'):
# Was the confirming check box turned on?
- if not cgidata.getvalue('unsubconfirm'):
+ if not cgidata.getfirst('unsubconfirm'):
options_page(
mlist, doc, user, cpuser, userlang,
_('''You must confirm your unsubscription request by turning
@@ -635,7 +635,7 @@ address. Upon confirmation, any other mailing list containing the address
('nodupes', mm_cfg.DontReceiveDuplicates),
):
try:
- newval = int(cgidata.getvalue(item))
+ newval = int(cgidata.getfirst(item))
except (TypeError, ValueError):
newval = None
@@ -671,7 +671,7 @@ address. Upon confirmation, any other mailing list containing the address
# Process user selected topics, but don't make the changes to the
# MailList object; we must do that down below when the list is
# locked.
- topicnames = cgidata.getvalue('usertopic')
+ topicnames = cgidata.getfirst('usertopic')
if topicnames:
# Some topics were selected. topicnames can actually be a string
# or a list of strings depending on whether more than one topic
@@ -725,7 +725,7 @@ address. Upon confirmation, any other mailing list containing the address
# The enable/disable option and the password remind option may have
# their global flags sets.
- if cgidata.getvalue('deliver-globally'):
+ if cgidata.getfirst('deliver-globally'):
# Yes, this is inefficient, but the list is so small it shouldn't
# make much of a difference.
for flag, newval in newvals:
@@ -733,19 +733,19 @@ address. Upon confirmation, any other mailing list containing the address
globalopts.enable = newval
break
- if cgidata.getvalue('remind-globally'):
+ if cgidata.getfirst('remind-globally'):
for flag, newval in newvals:
if flag == mm_cfg.SuppressPasswordReminder:
globalopts.remind = newval
break
- if cgidata.getvalue('nodupes-globally'):
+ if cgidata.getfirst('nodupes-globally'):
for flag, newval in newvals:
if flag == mm_cfg.DontReceiveDuplicates:
globalopts.nodupes = newval
break
- if cgidata.getvalue('mime-globally'):
+ if cgidata.getfirst('mime-globally'):
for flag, newval in newvals:
if flag == mm_cfg.DisableMime:
globalopts.mime = newval