aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Cgi (unfollow)
Commit message (Expand)AuthorFilesLines
2014-12-20Implement a new DEFAULT_SUBSCRIBE_OR_INVITE setting to control the defaultMark Sapiro1-1/+2
2014-11-07Catch the NotAMemberError exception thrown if an authenticatedMark Sapiro1-0/+7
2014-09-21The options CGI now rejects all but HTTP GET and POST requests.Mark Sapiro1-0/+12
2014-06-09<label> tags have been added around most check boxes and radio buttonsMark Sapiro1-10/+29
2014-05-02Removed HTML tags from the title of a couple of rmlist.py pages becauseMark Sapiro1-2/+2
2014-04-15Fixed the admin Membership List so a search string if any is not lostMark Sapiro1-1/+2
2014-03-21 - Added the list name to the vette log "held message approved" entry.Mark Sapiro10-20/+20
2014-02-07Changed the message from the confirm CGI to not indicate approval isMark Sapiro1-2/+3
2013-07-19Enable setting a default grouping/sorting for the admindb held messageMark Sapiro1-4/+7
2013-07-18Backported the held message sorting to 2.1 and made it optional.Mark Sapiro1-18/+51
2013-06-07- It is no longer possible to add 'invalid' addresses to the ban_listMark Sapiro1-15/+39
2013-04-03The pending (un)subscriptions waiting approval are now sorted by emailMark Sapiro1-5/+5
2012-12-14Added a minimum delay between retrieval and submission of the subscribe form.Mark Sapiro1-0/+4
2012-11-24Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746)Mark Sapiro2-2/+34
2012-10-30Added 'legend' to the list of CSRF safe parameters for the admin CGI.Mark Sapiro1-1/+2
2012-08-22The query fragments send_unsub_notifications_to_list_owner andMark Sapiro1-9/+7
2012-06-20Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update.Mark Sapiro1-0/+0
2012-03-25Backported the password reminder from private archive login feature from theMark Sapiro1-1/+22
2012-02-23Added a few more safe_params to the CSRF check.Mark Sapiro1-1/+2
2012-02-05Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI.Mark Sapiro1-6/+26
2011-12-31Fix for bug #629738 could cause a crash in the admindb details displayMark Sapiro1-1/+3
2011-11-12Added masthead.txt to the list of templates that can be edited via theMark Sapiro1-1/+2
2011-06-07The user options 'list my other subscriptions' page now indicates forMark Sapiro1-0/+6
2011-05-10Fixed a problem in admindb.py where the character set for the display ofMark Sapiro1-1/+8
2011-05-09Prevented setting user passwords with leading/trailing whitespace. Bug #778088.Mark Sapiro3-10/+10
2011-04-25A new list poster password has been implemented. This password may onlyMark Sapiro1-0/+27
2011-04-23Added a logout link to the admindb interface and made both admin andMark Sapiro2-3/+27
2011-04-15Refactor last change for i18n.Mark Sapiro1-5/+7
2011-04-14Added a report of the affected members to the warnings issued whenMark Sapiro1-3/+5
2011-03-29Changed the subscribe CGI to strip leading and trailing whitespace fromMark Sapiro1-2/+2
2011-02-18An XSS vulnerability, CVE-2011-0707, has been fixed.Mark Sapiro1-3/+3
2011-02-07- Fixed an uncaught KeyError when poster tries to cancel a post which wasMark Sapiro1-2/+3
2011-02-05Updated copyright year for previous change.Mark Sapiro1-1/+1
2011-02-05Issue an HTTP 404 status for private archive file not found.Mark Sapiro1-0/+1
2010-09-10Made minor wording improvements and typo corrections in some messages.Mark Sapiro2-5/+5
2010-09-09Two potential XSS vulnerabilities have been identified and fixed.Mark Sapiro1-2/+2
2010-09-03Fixed admindb interface to decode base64 and quoted-printable encodedMark Sapiro1-1/+1
2010-07-27Changed the member options login page unsubscribe request to include theMark Sapiro1-1/+2
2010-07-02Increased the font size of 'Welcome!'on admin overview for consistency with l...Mark Sapiro1-1/+1
2010-06-25Fixed an issue in admindb that could result in a KeyError and "we hit aMark Sapiro1-6/+10
2010-06-23Fixed a bug which would fail to show a list on the admin and listinfoMark Sapiro2-4/+6
2010-03-29Added roster to the CGIs that return HTTP 401 status for an authenticationMark Sapiro10-0/+22
2010-03-06Reordered the 'cancel' and 'subscribe' buttons on the subscriptionMark Sapiro1-3/+3
2010-03-06Fixed a bug in the admindb interface that could apply a moderatorMark Sapiro1-2/+10
2010-02-27Added a urlhost argument to the MailList.MailList.Create() method toMark Sapiro1-2/+3
2010-02-04We now give an HTTP 401 status for authentication failures from admin,Mark Sapiro3-2/+8
2010-01-21- Fixed a bug where going to an archives/private/list.mbox/list.mbox URLMark Sapiro1-1/+3
2009-12-04- Added vette logging for rejected and discarded (un)subscribe requests.Mark Sapiro1-1/+1
2009-12-03Decoded RFC 2047 encoded message subjects for a few reports. Bug #266428.Mark Sapiro1-3/+4
2009-07-31Backported several bug fixes from the 2.2 branch.Mark Sapiro2-4/+5