Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting. | Mark Sapiro | 2020-06-10 | 1 | -0/+1 |
| | |||||
* | Implement REFUSE_SECOND_PENDING setting to prevent multiple pending subscribes. | Mark Sapiro | 2020-01-09 | 1 | -0/+3 |
| | |||||
* | Implement Ralf Jung's captcha feature for the subscribe form. | Mark Sapiro | 2019-06-19 | 1 | -2/+11 |
|\ | |||||
| * | implement a simple CAPTCHA scheme based on questions and answers configured ↵ | Ralf Jung | 2019-06-10 | 1 | -2/+8 |
|/ | | | | by the site admin | ||||
* | Bump copyright dates. | Mark Sapiro | 2018-06-17 | 1 | -0/+0 |
| | |||||
* | Separate data in CSRF token by colon to avoid collisions. | Ralf Jung | 2018-06-03 | 1 | -3/+3 |
| | | | | | | This makes the data-to-token function injective. Previously, for example, the list called "list1" and the IP "10.0.0.0" would have the same hash as the list called "list" and the IP "110.0.0.0", as the strings were just concatenated. | ||||
* | Removed a Python 2.7 dependency introduced in 2.1.26. | Mark Sapiro | 2018-03-01 | 1 | -1/+1 |
| | |||||
* | Corrected i18n from rev. 1738 and updated message catalogs. | Mark Sapiro | 2018-01-30 | 1 | -3/+5 |
| | |||||
* | Added the ability to add reCAPTCHA to the listinfo subscribe form. | Mark Sapiro | 2018-01-29 | 1 | -1/+23 |
|\ | |||||
| * | Allow the list subscription form to be protected from spam bots using | David Siebörger | 2018-01-29 | 1 | -0/+22 |
|/ | | | | reCAPTCHA. | ||||
* | Bumped Copyrights and fixed a bug in prior commit. | Mark Sapiro | 2017-06-05 | 1 | -1/+1 |
| | |||||
* | Defend against CGI requests with multiple values for the same parameter. | Mark Sapiro | 2017-06-05 | 1 | -7/+7 |
| | |||||
* | Fixed an uncaught TypeError in the subscribe CGI. | Mark Sapiro | 2017-02-22 | 1 | -1/+1 |
| | |||||
* | Catch TypeError from certain defective crafted POST requests. | Mark Sapiro | 2016-07-14 | 1 | -2/+11 |
| | |||||
* | Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) | Jim Popovitch | 2015-06-23 | 1 | -3/+4 |
| | |||||
* | If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a load | Mark Sapiro | 2015-04-23 | 1 | -8/+21 |
| | | | | | | balancer or similar in use the POSTing IP might not exactly match the GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match. | ||||
* | - Added the list name to the vette log "held message approved" entry. | Mark Sapiro | 2014-03-21 | 1 | -2/+2 |
| | | | | | | | | | | (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. | ||||
* | Added a minimum delay between retrieval and submission of the subscribe form. | Mark Sapiro | 2012-12-14 | 1 | -0/+4 |
| | |||||
* | Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746) | Mark Sapiro | 2012-11-24 | 1 | -1/+19 |
| | |||||
* | Prevented setting user passwords with leading/trailing whitespace. Bug #778088. | Mark Sapiro | 2011-05-09 | 1 | -4/+4 |
| | |||||
* | Changed the subscribe CGI to strip leading and trailing whitespace from | Mark Sapiro | 2011-03-29 | 1 | -2/+2 |
| | | | | the supplied email address. Bug #745432. | ||||
* | Added roster to the CGIs that return HTTP 401 status for an authentication | Mark Sapiro | 2010-03-29 | 1 | -0/+2 |
| | | | | failure, and return HTTP 404 status from all CGIs for an invalid list name. | ||||
* | Two of the 'new' class exceptions are raised with an argument. | Mark Sapiro | 2009-01-20 | 1 | -4/+5 |
| | |||||
* | FSF office has moved to 51 Franklin Street. | tkikuchi | 2005-08-27 | 1 | -1/+1 |
| | |||||
* | Backporting from trunk. | bwarsaw | 2003-04-07 | 1 | -2/+0 |
| | |||||
* | Backporting from the trunk. | bwarsaw | 2003-02-08 | 1 | -6/+8 |
| | |||||
* | This commit was manufactured by cvs2svn to create branch | 2003-01-02 | 1 | -0/+276 | |
'Release_2_1-maint'. |