aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Cgi/subscribe.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Bump copyright dates.Mark Sapiro2018-06-171-0/+0
|
* Separate data in CSRF token by colon to avoid collisions.Ralf Jung2018-06-031-3/+3
| | | | | | This makes the data-to-token function injective. Previously, for example, the list called "list1" and the IP "10.0.0.0" would have the same hash as the list called "list" and the IP "110.0.0.0", as the strings were just concatenated.
* Removed a Python 2.7 dependency introduced in 2.1.26.Mark Sapiro2018-03-011-1/+1
|
* Corrected i18n from rev. 1738 and updated message catalogs.Mark Sapiro2018-01-301-3/+5
|
* Added the ability to add reCAPTCHA to the listinfo subscribe form.Mark Sapiro2018-01-291-1/+23
|\
| * Allow the list subscription form to be protected from spam bots usingDavid Siebörger2018-01-291-0/+22
|/ | | | reCAPTCHA.
* Bumped Copyrights and fixed a bug in prior commit.Mark Sapiro2017-06-051-1/+1
|
* Defend against CGI requests with multiple values for the same parameter.Mark Sapiro2017-06-051-7/+7
|
* Fixed an uncaught TypeError in the subscribe CGI.Mark Sapiro2017-02-221-1/+1
|
* Catch TypeError from certain defective crafted POST requests.Mark Sapiro2016-07-141-2/+11
|
* Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) Jim Popovitch2015-06-231-3/+4
|
* If SUBSCRIBE_FORM_SECRET is enabled and a user's network has a loadMark Sapiro2015-04-231-8/+21
| | | | | | balancer or similar in use the POSTing IP might not exactly match the GETting IP. This is now accounted for by not requiring the last octet (16 bits for ipV6) to match.
* - Added the list name to the vette log "held message approved" entry.Mark Sapiro2014-03-211-2/+2
| | | | | | | | | | (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries.
* Added a minimum delay between retrieval and submission of the subscribe form.Mark Sapiro2012-12-141-0/+4
|
* Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746)Mark Sapiro2012-11-241-1/+19
|
* Prevented setting user passwords with leading/trailing whitespace. Bug #778088.Mark Sapiro2011-05-091-4/+4
|
* Changed the subscribe CGI to strip leading and trailing whitespace fromMark Sapiro2011-03-291-2/+2
| | | | the supplied email address. Bug #745432.
* Added roster to the CGIs that return HTTP 401 status for an authenticationMark Sapiro2010-03-291-0/+2
| | | | failure, and return HTTP 404 status from all CGIs for an invalid list name.
* Two of the 'new' class exceptions are raised with an argument.Mark Sapiro2009-01-201-4/+5
|
* FSF office has moved to 51 Franklin Street.tkikuchi2005-08-271-1/+1
|
* Backporting from trunk.bwarsaw2003-04-071-2/+0
|
* Backporting from the trunk.bwarsaw2003-02-081-6/+8
|
* This commit was manufactured by cvs2svn to create branch2003-01-021-0/+276
'Release_2_1-maint'.