aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Cgi/private.py (unfollow)
Commit message (Collapse)AuthorFilesLines
2017-06-05Bumped Copyrights and fixed a bug in prior commit.Mark Sapiro1-1/+1
2017-06-05Defend against CGI requests with multiple values for the same parameter.Mark Sapiro1-2/+2
2016-07-14Catch TypeError from certain defective crafted POST requests.Mark Sapiro1-2/+11
2014-03-21 - Added the list name to the vette log "held message approved" entry.Mark Sapiro1-2/+2
(LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries.
2012-06-20Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update.Mark Sapiro1-0/+0
2012-03-25Backported the password reminder from private archive login feature from theMark Sapiro1-1/+22
2.2 branch.
2011-02-05Updated copyright year for previous change.Mark Sapiro1-1/+1
2011-02-05Issue an HTTP 404 status for private archive file not found.Mark Sapiro1-0/+1
2010-03-29Added roster to the CGIs that return HTTP 401 status for an authenticationMark Sapiro1-0/+2
failure, and return HTTP 404 status from all CGIs for an invalid list name.
2010-02-04We now give an HTTP 401 status for authentication failures from admin,Mark Sapiro1-0/+2
admindb, private and options logins.
2010-01-21- Fixed a bug where going to an archives/private/list.mbox/list.mbox URLMark Sapiro1-1/+3
would result in a munged URL if authentication was required. Bug #266164.
2006-04-04Fix XSS bug: Thanks Moritz Naumann. (CVE-2006-1512)tkikuchi1-2/+3
2005-12-30A cleansing pass, almost entirely cosmetic. Such things as whitespacebwarsaw1-12/+10
normalization, removal of tabs, copyright year updates to changed files, docstring and comment fixes, and usage of True/False. I also made a pass through the NEWS file. One import was reordered, and after this commit I will move the mmdsr.readme file to README.mmdsr. From my perspective, after that we're ready to go. I will port these changes forward to the trunk.
2005-12-12Log hostile path to mischief, not errormsapiro1-1/+1
2005-12-12Fixes for bug 1080943.msapiro1-6/+27
Add error response for ./ and ../ in URL
2005-08-27FSF office has moved to 51 Franklin Street.tkikuchi1-1/+1
2005-02-10Spelling and copyright years updates.bwarsaw1-3/+3
2005-02-10Checkin for initial workaround for directry traverse flaw in private.py.tkikuchi1-3/+6
This is for the people who think 'CVS should be safe' and not final solution.
2003-02-08Backporting from the trunk.bwarsaw1-13/+15