aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Cgi (follow)
Commit message (Expand)AuthorAgeFilesLines
* fix computing the form hash when there is no CAPTCHARalf Jung2019-06-101-1/+1
* implement a simple CAPTCHA scheme based on questions and answers configured b...Ralf Jung2019-06-102-4/+25
* Strip leading/trailing spaces from login email for private and options login.Mark Sapiro2019-03-062-3/+4
* Corrected and augmented some security log messages.Mark Sapiro2018-12-304-3/+17
* Catch TypeError on simultaneous confirmations of the same token.Mark Sapiro2018-08-071-5/+19
* fix python doc urlsYasuhito FUTATSUKI at POEM2018-07-151-1/+1
* Enable editing templates in an alternate language.Mark Sapiro2018-07-081-7/+35
|\
| * Add language selecter to "HTML Page Editing" page for multi-lang listsYasuhito FUTATSUKI at POEM2018-07-091-7/+34
|/
* * apply Utils.websafe() to description string in admin.pyYasuhito FUTATSUKI at POEM2018-06-221-1/+1
* enhance i18n of listinfo overviewYasuhito FUTATSUKI at POEM2018-06-222-2/+2
* Added global _ where needed.Mark Sapiro2018-06-182-0/+2
* Bump copyright dates.Mark Sapiro2018-06-1712-11/+11
* I18n for new whence reasons in admin (un)subscribe notices.Mark Sapiro2018-06-172-4/+19
|\
| * enhance i18n in admin(un)?subscribeack messagesYasuhito FUTATSUKI at POEM2018-06-162-4/+7
|/
* Implement security log.Mark Sapiro2018-06-116-4/+42
|\
| * Changes based on feedback from Mark.Jim Popovitch2018-06-102-5/+8
| * Improved logging of security related eventsJim Popovitch2018-06-065-0/+25
|/
* Separate data in CSRF token by colon to avoid collisions.Ralf Jung2018-06-032-6/+6
* Internationalize the noscript note added to reCAPTCHA.Mark Sapiro2018-05-261-2/+3
* Add <noscript> note to listinfo reCAPTCHA that JavaScript is required.Mark Sapiro2018-05-051-0/+1
* Removed a Python 2.7 dependency introduced in 2.1.26.Mark Sapiro2018-03-011-1/+1
* Fix XSS and info leak in options CGI - CVE-2018-5950Mark Sapiro2018-02-041-15/+17
* It's not necessary to replace _ with - in language codes for reCAPTCHA.Mark Sapiro2018-02-031-3/+1
* Corrected i18n from rev. 1738 and updated message catalogs.Mark Sapiro2018-01-301-3/+5
* Added the ability to add reCAPTCHA to the listinfo subscribe form.Mark Sapiro2018-01-292-2/+37
|\
| * Allow the list subscription form to be protected from spam bots usingDavid Siebörger2018-01-292-0/+32
|/
* Added screen reader labels to some admindb radio buttons.Mark Sapiro2017-06-241-15/+10
* Added text for screen readers only to checkboxes on admin Membership List.Mark Sapiro2017-06-211-7/+16
* Display date of held subscriptions and keep newest.Mark Sapiro2017-06-091-6/+11
* Reverted another getfirst in the multi-value CGI defence.Mark Sapiro2017-06-071-1/+1
* Bumped Copyrights and fixed a bug in prior commit.Mark Sapiro2017-06-0510-12/+12
* Defend against CGI requests with multiple values for the same parameter.Mark Sapiro2017-06-0511-105/+105
* Fixed a regression in Cgi/options.py.Mark Sapiro2017-06-041-12/+12
* Change 'subscribees' to 'subscribers' on admin mass subscribe page.Mark Sapiro2017-04-251-1/+1
* Fixed an uncaught TypeError in the subscribe CGI.Mark Sapiro2017-02-221-1/+1
* Fixed a TypeError thrown in the roster CGI when called with a listnameMark Sapiro2017-02-031-3/+3
* Fixed incorrect "view more members" links at the bottom of the adminMark Sapiro2016-10-271-4/+5
* Fix unicode links in multi-page admin Membership list search results.Mark Sapiro2016-09-291-2/+5
* Fixes for CVE-2016-6893 and more.Mark Sapiro2016-08-263-5/+71
* Membership List letter links could be incorrectly rendered as Unicode.Mark Sapiro2016-07-191-0/+3
* Catch TypeError from certain defective crafted POST requests.Mark Sapiro2016-07-1411-14/+132
* Prior fix for lp:1573623 at rev 1647 was incomplete.Mark Sapiro2016-05-221-2/+3
* Added a bunch more templates to those that can be edited via the GUI.Mark Sapiro2016-05-181-1/+13
* Catch MMUnknownListError in case list is removed after listing names.Mark Sapiro2016-05-172-3/+11
* White space left of Logout link is no longer part of the link.Mark Sapiro2016-04-221-3/+4
* Submitting the user options form for a user who was asynchronouslyMark Sapiro2015-12-061-0/+8
* Defended against a user submitting URLs with query fragments or POSTMark Sapiro2015-09-161-0/+8
* Don't show digest options on user's options page for non-digestable lists.Mark Sapiro2015-07-201-2/+8
* Improved identification of remote clients coming via a proxy server.Mark Sapiro2015-06-233-9/+18
|\
| * Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) Jim Popovitch2015-06-233-9/+18
|/