Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | <label> tags have been added around most check boxes and radio buttons | Mark Sapiro | 2014-06-09 | 1 | -10/+29 |
| | | | | | and their text labels in the admin and admindb web GUI so they can be (de)selected by clicking the text. (LP: #266391) | ||||
* | Removed HTML tags from the title of a couple of rmlist.py pages because | Mark Sapiro | 2014-05-02 | 1 | -2/+2 |
| | | | | browsers don't render tags in the title. (LP: #265848) | ||||
* | Fixed the admin Membership List so a search string if any is not lost | Mark Sapiro | 2014-04-15 | 1 | -1/+2 |
| | | | | when visiting subsequent fragments of a chunked list. | ||||
* | - Added the list name to the vette log "held message approved" entry. | Mark Sapiro | 2014-03-21 | 10 | -20/+20 |
| | | | | | | | | | | (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. | ||||
* | Changed the message from the confirm CGI to not indicate approval is | Mark Sapiro | 2014-02-07 | 1 | -2/+3 |
| | | | | required for an acceptance of an invitation. | ||||
* | Enable setting a default grouping/sorting for the admindb held message | Mark Sapiro | 2013-07-19 | 1 | -4/+7 |
| | | | | summary via a DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting. | ||||
* | Backported the held message sorting to 2.1 and made it optional. | Mark Sapiro | 2013-07-18 | 1 | -18/+51 |
| | |||||
* | - It is no longer possible to add 'invalid' addresses to the ban_list | Mark Sapiro | 2013-06-07 | 1 | -15/+39 |
| | | | | | and the *_these_nonmembers filters from the check boxes on the admindb interface. (LP: #1187201) | ||||
* | The pending (un)subscriptions waiting approval are now sorted by email | Mark Sapiro | 2013-04-03 | 1 | -5/+5 |
| | | | | address in the admindb interface as intended. (LP: 1164160) | ||||
* | Added a minimum delay between retrieval and submission of the subscribe form. | Mark Sapiro | 2012-12-14 | 1 | -0/+4 |
| | |||||
* | Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746) | Mark Sapiro | 2012-11-24 | 2 | -2/+34 |
| | |||||
* | Added 'legend' to the list of CSRF safe parameters for the admin CGI. | Mark Sapiro | 2012-10-30 | 1 | -1/+2 |
| | |||||
* | The query fragments send_unsub_notifications_to_list_owner and | Mark Sapiro | 2012-08-22 | 1 | -9/+7 |
| | | | | | send_unsub_ack_to_this_batch will now assume default values if not set in mass unsubscribe URLs. (LP: #1032378) | ||||
* | Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update. | Mark Sapiro | 2012-06-20 | 1 | -0/+0 |
| | |||||
* | Backported the password reminder from private archive login feature from the | Mark Sapiro | 2012-03-25 | 1 | -1/+22 |
| | | | | 2.2 branch. | ||||
* | Added a few more safe_params to the CSRF check. | Mark Sapiro | 2012-02-23 | 1 | -1/+2 |
| | |||||
* | Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI. | Mark Sapiro | 2012-02-05 | 1 | -6/+26 |
| | |||||
* | Fix for bug #629738 could cause a crash in the admindb details display | Mark Sapiro | 2011-12-31 | 1 | -1/+3 |
| | | | | | if the decoded message body contained characters not in the character set of the list's preferred language. Fixed. Bug #910440. | ||||
* | Added masthead.txt to the list of templates that can be edited via the | Mark Sapiro | 2011-11-12 | 1 | -1/+2 |
| | | | | web admin interface. Bug #266805. | ||||
* | The user options 'list my other subscriptions' page now indicates for | Mark Sapiro | 2011-06-07 | 1 | -0/+6 |
| | | | | each list if the subscription is 'nomail' or 'digest'. Bug #793669. | ||||
* | Fixed a problem in admindb.py where the character set for the display of | Mark Sapiro | 2011-05-10 | 1 | -1/+8 |
| | | | | the message body excerpt was not correctly determined. Bug #779751. | ||||
* | Prevented setting user passwords with leading/trailing whitespace. Bug #778088. | Mark Sapiro | 2011-05-09 | 3 | -10/+10 |
| | |||||
* | A new list poster password has been implemented. This password may only | Mark Sapiro | 2011-04-25 | 1 | -0/+27 |
| | | | | | | be used in Approved: or X-Approved: headers for pre-approving posts. Using this password for that purpose precludes compromise of a more valuable password sent in plain text email. Bug #770581. | ||||
* | Added a logout link to the admindb interface and made both admin and | Mark Sapiro | 2011-04-23 | 2 | -3/+27 |
| | | | | | admindb logout effective for a site admin cookie if allowed. Bug #769318. | ||||
* | Refactor last change for i18n. | Mark Sapiro | 2011-04-15 | 1 | -5/+7 |
| | |||||
* | Added a report of the affected members to the warnings issued when | Mark Sapiro | 2011-04-14 | 1 | -3/+5 |
| | | | | | setting a list with digest members digestable=No and when setting a list with non-digest members nondigestable=no. Bug #761232. | ||||
* | Changed the subscribe CGI to strip leading and trailing whitespace from | Mark Sapiro | 2011-03-29 | 1 | -2/+2 |
| | | | | the supplied email address. Bug #745432. | ||||
* | An XSS vulnerability, CVE-2011-0707, has been fixed. | Mark Sapiro | 2011-02-18 | 1 | -3/+3 |
| | |||||
* | - Fixed an uncaught KeyError when poster tries to cancel a post which was | Mark Sapiro | 2011-02-07 | 1 | -2/+3 |
| | | | | already handled. Bug #266224. | ||||
* | Updated copyright year for previous change. | Mark Sapiro | 2011-02-05 | 1 | -1/+1 |
| | |||||
* | Issue an HTTP 404 status for private archive file not found. | Mark Sapiro | 2011-02-05 | 1 | -0/+1 |
| | |||||
* | Made minor wording improvements and typo corrections in some messages. | Mark Sapiro | 2010-09-10 | 2 | -5/+5 |
| | | | | Bug #426979. | ||||
* | Two potential XSS vulnerabilities have been identified and fixed. | Mark Sapiro | 2010-09-09 | 1 | -2/+2 |
| | |||||
* | Fixed admindb interface to decode base64 and quoted-printable encoded | Mark Sapiro | 2010-09-03 | 1 | -1/+1 |
| | | | | message body excerpts for display. Bug #629738. | ||||
* | Changed the member options login page unsubscribe request to include the | Mark Sapiro | 2010-07-27 | 1 | -1/+2 |
| | | | | requesters IP address in the confirmation request. Bug #610527. | ||||
* | Increased the font size of 'Welcome!'on admin overview for consistency with ↵ | Mark Sapiro | 2010-07-02 | 1 | -1/+1 |
| | | | | listinfo. | ||||
* | Fixed an issue in admindb that could result in a KeyError and "we hit a | Mark Sapiro | 2010-06-25 | 1 | -6/+10 |
| | | | | | bug" response when a moderator acts on a post that had been handled by someone else after the first moderator had retrieved it. Bug #598671. | ||||
* | Fixed a bug which would fail to show a list on the admin and listinfo | Mark Sapiro | 2010-06-23 | 2 | -4/+6 |
| | | | | overview pages if its web_page_url contained a :port. Bug # 597741. | ||||
* | Added roster to the CGIs that return HTTP 401 status for an authentication | Mark Sapiro | 2010-03-29 | 10 | -0/+22 |
| | | | | failure, and return HTTP 404 status from all CGIs for an invalid list name. | ||||
* | Reordered the 'cancel' and 'subscribe' buttons on the subscription | Mark Sapiro | 2010-03-06 | 1 | -3/+3 |
| | | | | | confirmation web page so the default action upon 'enter' will be the subscribe button in browsers that pick the first button. Bug #530654. | ||||
* | Fixed a bug in the admindb interface that could apply a moderator | Mark Sapiro | 2010-03-06 | 1 | -2/+10 |
| | | | | action to a message not displayed. Bug #533468. | ||||
* | Added a urlhost argument to the MailList.MailList.Create() method to | Mark Sapiro | 2010-02-27 | 1 | -2/+3 |
| | | | | | | allow bin/newlist and the the create CGI to pass urlhost so the host will be correct in the listinfo link on the emptyarchive page. Bug #529100. | ||||
* | We now give an HTTP 401 status for authentication failures from admin, | Mark Sapiro | 2010-02-04 | 3 | -2/+8 |
| | | | | admindb, private and options logins. | ||||
* | - Fixed a bug where going to an archives/private/list.mbox/list.mbox URL | Mark Sapiro | 2010-01-21 | 1 | -1/+3 |
| | | | | would result in a munged URL if authentication was required. Bug #266164. | ||||
* | - Added vette logging for rejected and discarded (un)subscribe requests. | Mark Sapiro | 2009-12-04 | 1 | -1/+1 |
| | | | | | - Fixed a bug in admindb.py that could erroneously discard an unsubscribe request as a duplicate. | ||||
* | Decoded RFC 2047 encoded message subjects for a few reports. Bug #266428. | Mark Sapiro | 2009-12-03 | 1 | -3/+4 |
| | |||||
* | Backported several bug fixes from the 2.2 branch. | Mark Sapiro | 2009-07-31 | 2 | -4/+5 |
| | |||||
* | Fixed a bug in admindb.py in the implementation of replacing "No Reason | Mark Sapiro | 2009-02-03 | 1 | -2/+7 |
| | | | | Given" with the default rejection reason. Bug #325016. | ||||
* | Two of the 'new' class exceptions are raised with an argument. | Mark Sapiro | 2009-01-20 | 1 | -4/+5 |
| | |||||
* | Updated links to Python documentation. | Mark Sapiro | 2009-01-11 | 1 | -1/+2 |
| |