| Commit message | Author | Age | Files | Lines |
* | Fixed a possible list membership leak via the user options CGI. (HEAD, upstream/2.1, master) | Mark Sapiro | 2022-07-09 | 1 | -30/+30 |
* | Improve fix for lp:1961762 in prior commit. | Mark Sapiro | 2022-02-22 | 1 | -1/+2 |
* | Avoid 500 Internal Server Error for non-member with private roster. | Mark Sapiro | 2022-02-22 | 1 | -2/+2 |
* | Block CSRF attack against admin or admindb pages. | Mark Sapiro | 2021-11-30 | 3 | -3/+6 |
* | Prior commit was incomplete. | Mark Sapiro | 2021-11-23 | 1 | -4/+5 |
* | Avoid NotAMemberError in CSRF check from user options page. | Mark Sapiro | 2021-11-21 | 1 | -11/+11 |
* | Fix admindb for list with no mod password. | Mark Sapiro | 2021-11-12 | 1 | -1/+2 |
* | Use moderator rather than admin for admindb CSRF token. | Mark Sapiro | 2021-11-03 | 1 | -2/+1 |
* | Fix a potential XSS attack via the user options page. | Mark Sapiro | 2021-11-03 | 1 | -0/+2 |
* | Fixes for CVEs 2021-42096 and 2021-42097. | Mark Sapiro | 2021-10-18 | 1 | -13/+12 |
* | Implement WARN_MEMBER_OF_SUBSCRIBE subscribe setting. | Mark Sapiro | 2020-06-10 | 1 | -0/+1 |
* | Extend REFUSE_SECOND_PENDING to unsubscription as well. | Mark Sapiro | 2020-05-18 | 1 | -0/+3 |
* | Fixed content injection vulnerability via the private login page. | Mark Sapiro | 2020-05-07 | 1 | -7/+3 |
* | Fixed options login content injection vulnerability. | Mark Sapiro | 2020-05-05 | 1 | -1/+1 |
* | Implement REFUSE_SECOND_PENDING setting to prevent multiple pending subscribes. | Mark Sapiro | 2020-01-09 | 1 | -0/+3 |
* | Changed new 'Successfully unsubscribed:' to existing | Mark Sapiro | 2019-10-05 | 1 | -1/+1 |
* | Implemented web admin sync members. | Mark Sapiro | 2019-09-17 | 1 | -2/+109 |
* | Implement Ralf Jung's captcha feature for the subscribe form. | Mark Sapiro | 2019-06-19 | 2 | -4/+31 |
|\ |
| * | Don't enable CAPTCHA if 'en' key is not set | Ralf Jung | 2019-06-10 | 1 | -1/+1 |
| * | fix computing the form hash when there is no CAPTCHA | Ralf Jung | 2019-06-10 | 1 | -1/+1 |
| * | implement a simple CAPTCHA scheme based on questions and answers configured b... | Ralf Jung | 2019-06-10 | 2 | -4/+25 |
|/ |
* | Strip leading/trailing spaces from login email for private and options login. | Mark Sapiro | 2019-03-06 | 2 | -3/+4 |
* | Corrected and augmented some security log messages. | Mark Sapiro | 2018-12-30 | 4 | -3/+17 |
* | Catch TypeError on simultaneous confirmations of the same token. | Mark Sapiro | 2018-08-07 | 1 | -5/+19 |
* | fix python doc urls | Yasuhito FUTATSUKI at POEM | 2018-07-15 | 1 | -1/+1 |
* | Enable editing templates in an alternate language. | Mark Sapiro | 2018-07-08 | 1 | -7/+35 |
|\ |
| * | Add language selector to "HTML Page Editing" page for multi-lang lists | Yasuhito FUTATSUKI at POEM | 2018-07-09 | 1 | -7/+34 |
|/ |
* | * apply Utils.websafe() to description string in admin.py | Yasuhito FUTATSUKI at POEM | 2018-06-22 | 1 | -1/+1 |
* | enhance i18n of listinfo overview | Yasuhito FUTATSUKI at POEM | 2018-06-22 | 2 | -2/+2 |
* | Added global _ where needed. | Mark Sapiro | 2018-06-18 | 2 | -0/+2 |
* | Bump copyright dates. | Mark Sapiro | 2018-06-17 | 12 | -11/+11 |
* | I18n for new whence reasons in admin (un)subscribe notices. | Mark Sapiro | 2018-06-17 | 2 | -4/+19 |
|\ |
| * | enhance i18n in admin(un)?subscribeack messages | Yasuhito FUTATSUKI at POEM | 2018-06-16 | 2 | -4/+7 |
|/ |
* | Implement security log. | Mark Sapiro | 2018-06-11 | 6 | -4/+42 |
|\ |
| * | Changes based on feedback from Mark. | Jim Popovitch | 2018-06-10 | 2 | -5/+8 |
| * | Improved logging of security related events | Jim Popovitch | 2018-06-06 | 5 | -0/+25 |
|/ |
* | Separate data in CSRF token by colon to avoid collisions. | Ralf Jung | 2018-06-03 | 2 | -6/+6 |
* | Internationalize the noscript note added to reCAPTCHA. | Mark Sapiro | 2018-05-26 | 1 | -2/+3 |
* | Add <noscript> note to listinfo reCAPTCHA that JavaScript is required. | Mark Sapiro | 2018-05-05 | 1 | -0/+1 |
* | Removed a Python 2.7 dependency introduced in 2.1.26. | Mark Sapiro | 2018-03-01 | 1 | -1/+1 |
* | Fix XSS and info leak in options CGI - CVE-2018-5950 | Mark Sapiro | 2018-02-04 | 1 | -15/+17 |
* | It's not necessary to replace _ with - in language codes for reCAPTCHA. | Mark Sapiro | 2018-02-03 | 1 | -3/+1 |
* | Corrected i18n from rev. 1738 and updated message catalogs. | Mark Sapiro | 2018-01-30 | 1 | -3/+5 |
* | Added the ability to add reCAPTCHA to the listinfo subscribe form. | Mark Sapiro | 2018-01-29 | 2 | -2/+37 |
|\ |
| * | Allow the list subscription form to be protected from spam bots using | David Siebörger | 2018-01-29 | 2 | -0/+32 |
|/ |
* | Added screen reader labels to some admindb radio buttons. | Mark Sapiro | 2017-06-24 | 1 | -15/+10 |
* | Added text for screen readers only to checkboxes on admin Membership List. | Mark Sapiro | 2017-06-21 | 1 | -7/+16 |
* | Display date of held subscriptions and keep newest. | Mark Sapiro | 2017-06-09 | 1 | -6/+11 |
* | Reverted another getfirst in the multi-value CGI defence. | Mark Sapiro | 2017-06-07 | 1 | -1/+1 |
* | Bumped Copyrights and fixed a bug in prior commit. | Mark Sapiro | 2017-06-05 | 10 | -12/+12 |