authorMark Sapiro <mark@msapiro.net>2015-09-16 17:39:34 -0700
committerMark Sapiro <mark@msapiro.net>2015-09-16 17:39:34 -0700
commit6f9679030c1c2037a6a12555dbfe02445b012646 (patch)
treedabd063667c028f75afc52d8d9579975fc93ca30 /Mailman/Cgi
parent8fe23fa982192c2e1236ee86eb6cad612ace504c (diff)
downloadmailman2-6f9679030c1c2037a6a12555dbfe02445b012646.tar.gz
mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.tar.xz
mailman2-6f9679030c1c2037a6a12555dbfe02445b012646.zip
Defended against a user submitting URLs with query strings or POST
data containing multiple occurrences of the same variable.
Diffstat (limited to '')
-rw-r--r--Mailman/Cgi/options.py8
1 files changed, 8 insertions, 0 deletions
diff --git a/Mailman/Cgi/options.py b/Mailman/Cgi/options.py
index c400e9fb..7b2c70b5 100644
--- a/Mailman/Cgi/options.py
+++ b/Mailman/Cgi/options.py
@@ -129,6 +129,14 @@ def main():
return
else:
user = Utils.LCDomain(Utils.UnobscureEmail(SLASH.join(parts[1:])))
+ # If a user submits a form or URL with post data or query fragments
+ # with multiple occurrences of the same variable, we can get a list
+ # here. Be as careful as possible.
+ if isinstance(user, list) or isinstance(user, tuple):
+ if len(user) == 0:
+ user = ''
+ else:
+ user = user[-1]
# Avoid cross-site scripting attacks
safeuser = Utils.websafe(user)