Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2014-12-20 | Implement a new DEFAULT_SUBSCRIBE_OR_INVITE setting to control the default | Mark Sapiro | 1 | -1/+2 | |
for the admin Mass Subscriptions page. | |||||
2014-11-07 | Catch the NotAMemberError exception thrown if an authenticated | Mark Sapiro | 1 | -0/+7 | |
unsubscribe is submitted from the user options page for a nonmember. | |||||
2014-09-21 | The options CGI now rejects all but HTTP GET and POST requests. | Mark Sapiro | 1 | -0/+12 | |
2014-06-09 | <label> tags have been added around most check boxes and radio buttons | Mark Sapiro | 1 | -10/+29 | |
and their text labels in the admin and admindb web GUI so they can be (de)selected by clicking the text. (LP: #266391) | |||||
2014-05-02 | Removed HTML tags from the title of a couple of rmlist.py pages because | Mark Sapiro | 1 | -2/+2 | |
browsers don't render tags in the title. (LP: #265848) | |||||
2014-04-15 | Fixed the admin Membership List so a search string if any is not lost | Mark Sapiro | 1 | -1/+2 | |
when visiting subsequent fragments of a chunked list. | |||||
2014-03-21 | - Added the list name to the vette log "held message approved" entry. | Mark Sapiro | 10 | -20/+20 | |
(LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. | |||||
2014-02-07 | Changed the message from the confirm CGI to not indicate approval is | Mark Sapiro | 1 | -2/+3 | |
required for an acceptance of an invitation. | |||||
2013-07-19 | Enable setting a default grouping/sorting for the admindb held message | Mark Sapiro | 1 | -4/+7 | |
summary via a DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting. | |||||
2013-07-18 | Backported the held message sorting to 2.1 and made it optional. | Mark Sapiro | 1 | -18/+51 | |
2013-06-07 | - It is no longer possible to add 'invalid' addresses to the ban_list | Mark Sapiro | 1 | -15/+39 | |
and the *_these_nonmembers filters from the check boxes on the admindb interface. (LP: #1187201) | |||||
2013-04-03 | The pending (un)subscriptions waiting approval are now sorted by email | Mark Sapiro | 1 | -5/+5 | |
address in the admindb interface as intended. (LP: 1164160) | |||||
2012-12-14 | Added a minimum delay between retrieval and submission of the subscribe form. | Mark Sapiro | 1 | -0/+4 | |
2012-11-24 | Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746) | Mark Sapiro | 2 | -2/+34 | |
2012-10-30 | Added 'legend' to the list of CSRF safe parameters for the admin CGI. | Mark Sapiro | 1 | -1/+2 | |
2012-08-22 | The query fragments send_unsub_notifications_to_list_owner and | Mark Sapiro | 1 | -9/+7 | |
send_unsub_ack_to_this_batch will now assume default values if not set in mass unsubscribe URLs. (LP: #1032378) | |||||
2012-06-20 | Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update. | Mark Sapiro | 1 | -0/+0 | |
2012-03-25 | Backported the password reminder from private archive login feature from the | Mark Sapiro | 1 | -1/+22 | |
2.2 branch. | |||||
2012-02-23 | Added a few more safe_params to the CSRF check. | Mark Sapiro | 1 | -1/+2 | |
2012-02-05 | Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI. | Mark Sapiro | 1 | -6/+26 | |
2011-12-31 | Fix for bug #629738 could cause a crash in the admindb details display | Mark Sapiro | 1 | -1/+3 | |
if the decoded message body contained characters not in the character set of the list's preferred language. Fixed. Bug #910440. | |||||
2011-11-12 | Added masthead.txt to the list of templates that can be edited via the | Mark Sapiro | 1 | -1/+2 | |
web admin interface. Bug #266805. | |||||
2011-06-07 | The user options 'list my other subscriptions' page now indicates for | Mark Sapiro | 1 | -0/+6 | |
each list if the subscription is 'nomail' or 'digest'. Bug #793669. | |||||
2011-05-10 | Fixed a problem in admindb.py where the character set for the display of | Mark Sapiro | 1 | -1/+8 | |
the message body excerpt was not correctly determined. Bug #779751. | |||||
2011-05-09 | Prevented setting user passwords with leading/trailing whitespace. Bug #778088. | Mark Sapiro | 3 | -10/+10 | |
2011-04-25 | A new list poster password has been implemented. This password may only | Mark Sapiro | 1 | -0/+27 | |
be used in Approved: or X-Approved: headers for pre-approving posts. Using this password for that purpose precludes compromise of a more valuable password sent in plain text email. Bug #770581. | |||||
2011-04-23 | Added a logout link to the admindb interface and made both admin and | Mark Sapiro | 2 | -3/+27 | |
admindb logout effective for a site admin cookie if allowed. Bug #769318. | |||||
2011-04-15 | Refactor last change for i18n. | Mark Sapiro | 1 | -5/+7 | |
2011-04-14 | Added a report of the affected members to the warnings issued when | Mark Sapiro | 1 | -3/+5 | |
setting a list with digest members digestable=No and when setting a list with non-digest members nondigestable=no. Bug #761232. | |||||
2011-03-29 | Changed the subscribe CGI to strip leading and trailing whitespace from | Mark Sapiro | 1 | -2/+2 | |
the supplied email address. Bug #745432. | |||||
2011-02-18 | An XSS vulnerability, CVE-2011-0707, has been fixed. | Mark Sapiro | 1 | -3/+3 | |
2011-02-07 | - Fixed an uncaught KeyError when poster tries to cancel a post which was | Mark Sapiro | 1 | -2/+3 | |
already handled. Bug #266224. | |||||
2011-02-05 | Updated copyright year for previous change. | Mark Sapiro | 1 | -1/+1 | |
2011-02-05 | Issue an HTTP 404 status for private archive file not found. | Mark Sapiro | 1 | -0/+1 | |
2010-09-10 | Made minor wording improvements and typo corrections in some messages. | Mark Sapiro | 2 | -5/+5 | |
Bug #426979. | |||||
2010-09-09 | Two potential XSS vulnerabilities have been identified and fixed. | Mark Sapiro | 1 | -2/+2 | |
2010-09-03 | Fixed admindb interface to decode base64 and quoted-printable encoded | Mark Sapiro | 1 | -1/+1 | |
message body excerpts for display. Bug #629738. | |||||
2010-07-27 | Changed the member options login page unsubscribe request to include the | Mark Sapiro | 1 | -1/+2 | |
requesters IP address in the confirmation request. Bug #610527. | |||||
2010-07-02 | Increased the font size of 'Welcome!'on admin overview for consistency with ↵ | Mark Sapiro | 1 | -1/+1 | |
listinfo. | |||||
2010-06-25 | Fixed an issue in admindb that could result in a KeyError and "we hit a | Mark Sapiro | 1 | -6/+10 | |
bug" response when a moderator acts on a post that had been handled by someone else after the first moderator had retrieved it. Bug #598671. | |||||
2010-06-23 | Fixed a bug which would fail to show a list on the admin and listinfo | Mark Sapiro | 2 | -4/+6 | |
overview pages if its web_page_url contained a :port. Bug # 597741. | |||||
2010-03-29 | Added roster to the CGIs that return HTTP 401 status for an authentication | Mark Sapiro | 10 | -0/+22 | |
failure, and return HTTP 404 status from all CGIs for an invalid list name. | |||||
2010-03-06 | Reordered the 'cancel' and 'subscribe' buttons on the subscription | Mark Sapiro | 1 | -3/+3 | |
confirmation web page so the default action upon 'enter' will be the subscribe button in browsers that pick the first button. Bug #530654. | |||||
2010-03-06 | Fixed a bug in the admindb interface that could apply a moderator | Mark Sapiro | 1 | -2/+10 | |
action to a message not displayed. Bug #533468. | |||||
2010-02-27 | Added a urlhost argument to the MailList.MailList.Create() method to | Mark Sapiro | 1 | -2/+3 | |
allow bin/newlist and the the create CGI to pass urlhost so the host will be correct in the listinfo link on the emptyarchive page. Bug #529100. | |||||
2010-02-04 | We now give an HTTP 401 status for authentication failures from admin, | Mark Sapiro | 3 | -2/+8 | |
admindb, private and options logins. | |||||
2010-01-21 | - Fixed a bug where going to an archives/private/list.mbox/list.mbox URL | Mark Sapiro | 1 | -1/+3 | |
would result in a munged URL if authentication was required. Bug #266164. | |||||
2009-12-04 | - Added vette logging for rejected and discarded (un)subscribe requests. | Mark Sapiro | 1 | -1/+1 | |
- Fixed a bug in admindb.py that could erroneously discard an unsubscribe request as a duplicate. | |||||
2009-12-03 | Decoded RFC 2047 encoded message subjects for a few reports. Bug #266428. | Mark Sapiro | 1 | -3/+4 | |
2009-07-31 | Backported several bug fixes from the 2.2 branch. | Mark Sapiro | 2 | -4/+5 | |