diff options
| author | Mark Sapiro <mark@msapiro.net> | 2008-11-20 13:08:31 -0800 |
|---|---|---|
| committer | Mark Sapiro <mark@msapiro.net> | 2008-11-20 13:08:31 -0800 |
| commit | f0d392172bb2400927948004d2dc66c264ca2aa5 (patch) | |
| tree | 0917a720e54690b7ffe84dafaad58577f4d66d09 /Mailman | |
| parent | 7267f4fe1452d61f528da083308fbe38d5e1603a (diff) | |
| download | mailman2-f0d392172bb2400927948004d2dc66c264ca2aa5.tar.gz mailman2-f0d392172bb2400927948004d2dc66c264ca2aa5.tar.xz mailman2-f0d392172bb2400927948004d2dc66c264ca2aa5.zip | |
Fixed a problem in SecurityManager that caused it to not find the
cookie when CheckCookie was not given a user and the user in the cookie
had a %xx encoded character. Bug # 299220.
Diffstat (limited to '')
| -rw-r--r-- | Mailman/SecurityManager.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py index 01610b43..572018e2 100644 --- a/Mailman/SecurityManager.py +++ b/Mailman/SecurityManager.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2006 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2008 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -299,7 +299,8 @@ class SecurityManager: usernames.append(k[len(prefix):]) # If any check out, we're golden. Note: `@'s are no longer legal # values in cookie keys. - for user in [Utils.UnobscureEmail(u) for u in usernames]: + for user in [Utils.UnobscureEmail(urllib.unquote(u)) + for u in usernames]: ok = self.__checkone(c, authcontext, user) if ok: return True |