2 files changed, 14 insertions, 4 deletions

diff --git a/Mailman/Handlers/Approve.py b/Mailman/Handlers/Approve.py
index 9e7da910..ed85395d 100644
--- a/Mailman/Handlers/Approve.py
+++ b/Mailman/Handlers/Approve.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2009 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -61,7 +61,10 @@ def process(mlist, msg, msgdata):
     # because we want to discourage the practice of sending the site admin
     # password through email in the clear.
     missing = []
-    passwd = msg.get('approved', msg.get('approve', missing))
+    for hdr in ('approved', 'approve', 'x-approved', 'x-approve'):
+        passwd = msg.get(hdr, missing)
+        if passwd is not missing:
+            break
     if passwd is missing:
         # Find the first text/plain part in the message
         part = None
@@ -80,7 +83,11 @@ def process(mlist, msg, msgdata):
             if i >= 0:
                 name = line[:i]
                 value = line[i+1:]
-                if name.lower() in ('approve', 'approved'):
+                if name.lower() in ('approve',
+                                    'approved',
+                                    'x-approve',
+                                    'x-approved',
+                                    ):
                     passwd = value.lstrip()
                     # Now strip the first line from the payload so the
                     # password doesn't leak.
diff --git a/Mailman/Handlers/Cleanse.py b/Mailman/Handlers/Cleanse.py
index b2c9611a..725cb41b 100644
--- a/Mailman/Handlers/Cleanse.py
+++ b/Mailman/Handlers/Cleanse.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2009 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -33,6 +33,9 @@ def process(mlist, msg, msgdata):
     del msg['approved']
     # Remove this one too.
     del msg['approve']
+    # And these too.
+    del msg['x-approved']
+    del msg['x-approve']
     # Also remove this header since it can contain a password
     del msg['urgent']
     # We remove other headers from anonymous lists