| Commit message (Collapse) | Author | Files | Lines | ||
|---|---|---|---|---|---|
| 2019-06-10 | Don't enable CAPTCHA if 'en' key is not set | Ralf Jung | 1 | -1/+1 | |
| 2019-06-10 | fix computing the form hash when there is no CAPTCHA | Ralf Jung | 1 | -1/+1 | |
| 2019-06-10 | implement a simple CAPTCHA scheme based on questions and answers configured ↵ | Ralf Jung | 1 | -2/+17 | |
| by the site admin | |||||
| 2018-06-22 | enhance i18n of listinfo overview | Yasuhito FUTATSUKI at POEM | 1 | -1/+1 | |
| * make sure list's description charset as its preferred_language's * get description as a string of charset caller wanted | |||||
| 2018-06-03 | Separate data in CSRF token by colon to avoid collisions. | Ralf Jung | 1 | -3/+3 | |
| This makes the data-to-token function injective. Previously, for example, the list called "list1" and the IP "10.0.0.0" would have the same hash as the list called "list" and the IP "110.0.0.0", as the strings were just concatenated. | |||||
| 2018-05-26 | Internationalize the noscript note added to reCAPTCHA. | Mark Sapiro | 1 | -2/+3 | |
| 2018-05-05 | Add <noscript> note to listinfo reCAPTCHA that JavaScript is required. | Mark Sapiro | 1 | -0/+1 | |
| 2018-02-03 | It's not necessary to replace _ with - in language codes for reCAPTCHA. | Mark Sapiro | 1 | -3/+1 | |
| 2018-01-29 | Allow the list subscription form to be protected from spam bots using | David Siebörger | 1 | -0/+10 | |
| reCAPTCHA. | |||||
| 2017-06-05 | Bumped Copyrights and fixed a bug in prior commit. | Mark Sapiro | 1 | -1/+1 | |
| 2017-06-05 | Defend against CGI requests with multiple values for the same parameter. | Mark Sapiro | 1 | -1/+1 | |
| 2016-07-14 | Catch TypeError from certain defective crafted POST requests. | Mark Sapiro | 1 | -1/+13 | |
| 2016-05-17 | Catch MMUnknownListError in case list is removed after listing names. | Mark Sapiro | 1 | -2/+6 | |
| 2015-06-23 | Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) | Jim Popovitch | 1 | -3/+4 | |
| 2015-04-23 | If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load | Mark Sapiro | 1 | -4/+14 | |
| balancer or similar in use the POSTing IP might not exactly match the GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match. | |||||
| 2014-03-21 | - Added the list name to the vette log "held message approved" entry. | Mark Sapiro | 1 | -2/+2 | |
| (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. | |||||
| 2012-11-24 | Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746) | Mark Sapiro | 1 | -1/+15 | |
| 2010-09-09 | Two potential XSS vulnerabilities have been identified and fixed. | Mark Sapiro | 1 | -2/+2 | |
| 2010-06-23 | Fixed a bug which would fail to show a list on the admin and listinfo | Mark Sapiro | 1 | -2/+3 | |
| overview pages if its web_page_url contained a :port. Bug # 597741. | |||||
| 2010-03-29 | Added roster to the CGIs that return HTTP 401 status for an authentication | Mark Sapiro | 1 | -0/+2 | |
| failure, and return HTTP 404 status from all CGIs for an invalid list name. | |||||
| 2009-07-31 | Backported several bug fixes from the 2.2 branch. | Mark Sapiro | 1 | -3/+4 | |
| 2005-08-27 | FSF office has moved to 51 Franklin Street. | tkikuchi | 1 | -1/+1 | |
| 2003-12-24 | listinfo_overview(): Richard Barrett's patch # 828811 to reduce | bwarsaw | 1 | -5/+6 | |
| listinfo and admin cgi process size by not keeping the entire mlist object alive through a reference in the advertised list. Only the information used in the overview is kept. | |||||
| 2003-09-22 | Backporting from the HEAD -- updated cgi's | bwarsaw | 1 | -1/+1 | |
| 2003-02-08 | Backporting from the trunk. | bwarsaw | 1 | -6/+8 | |
 |
index : mailman2 | |
| mirror of https://code.launchpad.net/~mailman-coders/mailman/2.1 | git |
| aboutsummaryrefslogtreecommitdiffstats |