aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman
diff options
context:
space:
mode:
authortkikuchi <>2004-10-09 04:15:41 +0000
committertkikuchi <>2004-10-09 04:15:41 +0000
commit6b02d74dfcfd74994f14dd89b79cfd62a394c788 (patch)
tree9382ef79d0257e831a06526867528ba336f1fe06 /Mailman
parentc4a3e8e0b833d51da0d5e1b19a3eab0d3805ec5d (diff)
downloadmailman2-6b02d74dfcfd74994f14dd89b79cfd62a394c788.tar.gz
mailman2-6b02d74dfcfd74994f14dd89b79cfd62a394c788.tar.xz
mailman2-6b02d74dfcfd74994f14dd89b79cfd62a394c788.zip
[ 1030228 ] Mass Subscribe address with control character - can't delete
Also, '/' can be used now.
Diffstat (limited to 'Mailman')
-rw-r--r--Mailman/SecurityManager.py2
-rw-r--r--Mailman/Utils.py2
2 files changed, 2 insertions, 2 deletions
diff --git a/Mailman/SecurityManager.py b/Mailman/SecurityManager.py
index 4ebb1fcd..b8707c1d 100644
--- a/Mailman/SecurityManager.py
+++ b/Mailman/SecurityManager.py
@@ -103,7 +103,7 @@ class SecurityManager:
# A bad system error
raise TypeError, 'No user supplied for AuthUser context'
secret = self.getMemberPassword(user)
- key += 'user+%s' % Utils.ObscureEmail(user)
+ key += 'user+%s' % Utils.ObscureEmail(user).replace('/','%2f')
elif authcontext == mm_cfg.AuthListModerator:
secret = self.mod_password
key += 'moderator'
diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index dda90354..03575998 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -199,7 +199,7 @@ def LCDomain(addr):
# TBD: what other characters should be disallowed?
-_badchars = re.compile(r'[][()<>|;^,/\200-\377]')
+_badchars = re.compile(r'[][()<>|;^,\000-\037\177-\377]')
def ValidateEmail(s):
"""Verify that the an email address isn't grossly evil."""