Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | The options CGI now rejects all but HTTP GET and POST requests. | Mark Sapiro | 2014-09-21 | 1 | -0/+12 | |
| | ||||||
* | <label> tags have been added around most check boxes and radio buttons | Mark Sapiro | 2014-06-09 | 1 | -10/+29 | |
| | | | | | and their text labels in the admin and admindb web GUI so they can be (de)selected by clicking the text. (LP: #266391) | |||||
* | Removed HTML tags from the title of a couple of rmlist.py pages because | Mark Sapiro | 2014-05-02 | 1 | -2/+2 | |
| | | | | browsers don't render tags in the title. (LP: #265848) | |||||
* | Fixed the admin Membership List so a search string if any is not lost | Mark Sapiro | 2014-04-15 | 1 | -1/+2 | |
| | | | | when visiting subsequent fragments of a chunked list. | |||||
* | - Added the list name to the vette log "held message approved" entry. | Mark Sapiro | 2014-03-21 | 10 | -20/+20 | |
| | | | | | | | | | | (LP: 1295875) - Added the CGI module name to various "No such list" error log entries. (LP: 1295875) - Modified contrib/mmdsr to report module name if present in "No such list error log entries. | |||||
* | Changed the message from the confirm CGI to not indicate approval is | Mark Sapiro | 2014-02-07 | 1 | -2/+3 | |
| | | | | required for an acceptance of an invitation. | |||||
* | Enable setting a default grouping/sorting for the admindb held message | Mark Sapiro | 2013-07-19 | 1 | -4/+7 | |
| | | | | summary via a DISPLAY_HELD_SUMMARY_SORT_BUTTONS setting. | |||||
* | Backported the held message sorting to 2.1 and made it optional. | Mark Sapiro | 2013-07-18 | 1 | -18/+51 | |
| | ||||||
* | - It is no longer possible to add 'invalid' addresses to the ban_list | Mark Sapiro | 2013-06-07 | 1 | -15/+39 | |
| | | | | | and the *_these_nonmembers filters from the check boxes on the admindb interface. (LP: #1187201) | |||||
* | The pending (un)subscriptions waiting approval are now sorted by email | Mark Sapiro | 2013-04-03 | 1 | -5/+5 | |
| | | | | address in the admindb interface as intended. (LP: 1164160) | |||||
* | Added a minimum delay between retrieval and submission of the subscribe form. | Mark Sapiro | 2012-12-14 | 1 | -0/+4 | |
| | ||||||
* | Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746) | Mark Sapiro | 2012-11-24 | 2 | -2/+34 | |
| | ||||||
* | Added 'legend' to the list of CSRF safe parameters for the admin CGI. | Mark Sapiro | 2012-10-30 | 1 | -1/+2 | |
| | ||||||
* | The query fragments send_unsub_notifications_to_list_owner and | Mark Sapiro | 2012-08-22 | 1 | -9/+7 | |
| | | | | | send_unsub_ack_to_this_batch will now assume default values if not set in mass unsubscribe URLs. (LP: #1032378) | |||||
* | Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update. | Mark Sapiro | 2012-06-20 | 1 | -0/+0 | |
| | ||||||
* | Backported the password reminder from private archive login feature from the | Mark Sapiro | 2012-03-25 | 1 | -1/+22 | |
| | | | | 2.2 branch. | |||||
* | Added a few more safe_params to the CSRF check. | Mark Sapiro | 2012-02-23 | 1 | -1/+2 | |
| | ||||||
* | Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI. | Mark Sapiro | 2012-02-05 | 1 | -6/+26 | |
| | ||||||
* | Fix for bug #629738 could cause a crash in the admindb details display | Mark Sapiro | 2011-12-31 | 1 | -1/+3 | |
| | | | | | if the decoded message body contained characters not in the character set of the list's preferred language. Fixed. Bug #910440. | |||||
* | Added masthead.txt to the list of templates that can be edited via the | Mark Sapiro | 2011-11-12 | 1 | -1/+2 | |
| | | | | web admin interface. Bug #266805. | |||||
* | The user options 'list my other subscriptions' page now indicates for | Mark Sapiro | 2011-06-07 | 1 | -0/+6 | |
| | | | | each list if the subscription is 'nomail' or 'digest'. Bug #793669. | |||||
* | Fixed a problem in admindb.py where the character set for the display of | Mark Sapiro | 2011-05-10 | 1 | -1/+8 | |
| | | | | the message body excerpt was not correctly determined. Bug #779751. | |||||
* | Prevented setting user passwords with leading/trailing whitespace. Bug #778088. | Mark Sapiro | 2011-05-09 | 3 | -10/+10 | |
| | ||||||
* | A new list poster password has been implemented. This password may only | Mark Sapiro | 2011-04-25 | 1 | -0/+27 | |
| | | | | | | be used in Approved: or X-Approved: headers for pre-approving posts. Using this password for that purpose precludes compromise of a more valuable password sent in plain text email. Bug #770581. | |||||
* | Added a logout link to the admindb interface and made both admin and | Mark Sapiro | 2011-04-23 | 2 | -3/+27 | |
| | | | | | admindb logout effective for a site admin cookie if allowed. Bug #769318. | |||||
* | Refactor last change for i18n. | Mark Sapiro | 2011-04-15 | 1 | -5/+7 | |
| | ||||||
* | Added a report of the affected members to the warnings issued when | Mark Sapiro | 2011-04-14 | 1 | -3/+5 | |
| | | | | | setting a list with digest members digestable=No and when setting a list with non-digest members nondigestable=no. Bug #761232. | |||||
* | Changed the subscribe CGI to strip leading and trailing whitespace from | Mark Sapiro | 2011-03-29 | 1 | -2/+2 | |
| | | | | the supplied email address. Bug #745432. | |||||
* | An XSS vulnerability, CVE-2011-0707, has been fixed. | Mark Sapiro | 2011-02-18 | 1 | -3/+3 | |
| | ||||||
* | - Fixed an uncaught KeyError when poster tries to cancel a post which was | Mark Sapiro | 2011-02-07 | 1 | -2/+3 | |
| | | | | already handled. Bug #266224. | |||||
* | Updated copyright year for previous change. | Mark Sapiro | 2011-02-05 | 1 | -1/+1 | |
| | ||||||
* | Issue an HTTP 404 status for private archive file not found. | Mark Sapiro | 2011-02-05 | 1 | -0/+1 | |
| | ||||||
* | Made minor wording improvements and typo corrections in some messages. | Mark Sapiro | 2010-09-10 | 2 | -5/+5 | |
| | | | | Bug #426979. | |||||
* | Two potential XSS vulnerabilities have been identified and fixed. | Mark Sapiro | 2010-09-09 | 1 | -2/+2 | |
| | ||||||
* | Fixed admindb interface to decode base64 and quoted-printable encoded | Mark Sapiro | 2010-09-03 | 1 | -1/+1 | |
| | | | | message body excerpts for display. Bug #629738. | |||||
* | Changed the member options login page unsubscribe request to include the | Mark Sapiro | 2010-07-27 | 1 | -1/+2 | |
| | | | | requesters IP address in the confirmation request. Bug #610527. | |||||
* | Increased the font size of 'Welcome!'on admin overview for consistency with ↵ | Mark Sapiro | 2010-07-02 | 1 | -1/+1 | |
| | | | | listinfo. | |||||
* | Fixed an issue in admindb that could result in a KeyError and "we hit a | Mark Sapiro | 2010-06-25 | 1 | -6/+10 | |
| | | | | | bug" response when a moderator acts on a post that had been handled by someone else after the first moderator had retrieved it. Bug #598671. | |||||
* | Fixed a bug which would fail to show a list on the admin and listinfo | Mark Sapiro | 2010-06-23 | 2 | -4/+6 | |
| | | | | overview pages if its web_page_url contained a :port. Bug # 597741. | |||||
* | Added roster to the CGIs that return HTTP 401 status for an authentication | Mark Sapiro | 2010-03-29 | 10 | -0/+22 | |
| | | | | failure, and return HTTP 404 status from all CGIs for an invalid list name. | |||||
* | Reordered the 'cancel' and 'subscribe' buttons on the subscription | Mark Sapiro | 2010-03-06 | 1 | -3/+3 | |
| | | | | | confirmation web page so the default action upon 'enter' will be the subscribe button in browsers that pick the first button. Bug #530654. | |||||
* | Fixed a bug in the admindb interface that could apply a moderator | Mark Sapiro | 2010-03-06 | 1 | -2/+10 | |
| | | | | action to a message not displayed. Bug #533468. | |||||
* | Added a urlhost argument to the MailList.MailList.Create() method to | Mark Sapiro | 2010-02-27 | 1 | -2/+3 | |
| | | | | | | allow bin/newlist and the the create CGI to pass urlhost so the host will be correct in the listinfo link on the emptyarchive page. Bug #529100. | |||||
* | We now give an HTTP 401 status for authentication failures from admin, | Mark Sapiro | 2010-02-04 | 3 | -2/+8 | |
| | | | | admindb, private and options logins. | |||||
* | - Fixed a bug where going to an archives/private/list.mbox/list.mbox URL | Mark Sapiro | 2010-01-21 | 1 | -1/+3 | |
| | | | | would result in a munged URL if authentication was required. Bug #266164. | |||||
* | - Added vette logging for rejected and discarded (un)subscribe requests. | Mark Sapiro | 2009-12-04 | 1 | -1/+1 | |
| | | | | | - Fixed a bug in admindb.py that could erroneously discard an unsubscribe request as a duplicate. | |||||
* | Decoded RFC 2047 encoded message subjects for a few reports. Bug #266428. | Mark Sapiro | 2009-12-03 | 1 | -3/+4 | |
| | ||||||
* | Backported several bug fixes from the 2.2 branch. | Mark Sapiro | 2009-07-31 | 2 | -4/+5 | |
| | ||||||
* | Fixed a bug in admindb.py in the implementation of replacing "No Reason | Mark Sapiro | 2009-02-03 | 1 | -2/+7 | |
| | | | | Given" with the default rejection reason. Bug #325016. | |||||
* | Two of the 'new' class exceptions are raised with an argument. | Mark Sapiro | 2009-01-20 | 1 | -4/+5 | |
| |