Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | - It is no longer possible to add 'invalid' addresses to the ban_list | Mark Sapiro | 2013-06-07 | 1 | -15/+39 | |
| | | | | | and the *_these_nonmembers filters from the check boxes on the admindb interface. (LP: #1187201) | |||||
* | The pending (un)subscriptions waiting approval are now sorted by email | Mark Sapiro | 2013-04-03 | 1 | -5/+5 | |
| | | | | address in the admindb interface as intended. (LP: 1164160) | |||||
* | Added a minimum delay between retrieval and submission of the subscribe form. | Mark Sapiro | 2012-12-14 | 1 | -0/+4 | |
| | ||||||
* | Implement SUBSCRIBE_FORM_SECRET to mitigate bot subscribes. (LP: 1082746) | Mark Sapiro | 2012-11-24 | 2 | -2/+34 | |
| | ||||||
* | Added 'legend' to the list of CSRF safe parameters for the admin CGI. | Mark Sapiro | 2012-10-30 | 1 | -1/+2 | |
| | ||||||
* | The query fragments send_unsub_notifications_to_list_owner and | Mark Sapiro | 2012-08-22 | 1 | -9/+7 | |
| | | | | | send_unsub_ack_to_this_batch will now assume default values if not set in mass unsubscribe URLs. (LP: #1032378) | |||||
* | Fixed a typo in the UPGRADING doc - bin/upgrade -> bin/update. | Mark Sapiro | 2012-06-20 | 1 | -0/+0 | |
| | ||||||
* | Backported the password reminder from private archive login feature from the | Mark Sapiro | 2012-03-25 | 1 | -1/+22 | |
| | | | | 2.2 branch. | |||||
* | Added a few more safe_params to the CSRF check. | Mark Sapiro | 2012-02-23 | 1 | -1/+2 | |
| | ||||||
* | Added Tokio Kikuchi's Cross-site Request Forgery hardening to the admin UI. | Mark Sapiro | 2012-02-05 | 1 | -6/+26 | |
| | ||||||
* | Fix for bug #629738 could cause a crash in the admindb details display | Mark Sapiro | 2011-12-31 | 1 | -1/+3 | |
| | | | | | if the decoded message body contained characters not in the character set of the list's preferred language. Fixed. Bug #910440. | |||||
* | Added masthead.txt to the list of templates that can be edited via the | Mark Sapiro | 2011-11-12 | 1 | -1/+2 | |
| | | | | web admin interface. Bug #266805. | |||||
* | The user options 'list my other subscriptions' page now indicates for | Mark Sapiro | 2011-06-07 | 1 | -0/+6 | |
| | | | | each list if the subscription is 'nomail' or 'digest'. Bug #793669. | |||||
* | Fixed a problem in admindb.py where the character set for the display of | Mark Sapiro | 2011-05-10 | 1 | -1/+8 | |
| | | | | the message body excerpt was not correctly determined. Bug #779751. | |||||
* | Prevented setting user passwords with leading/trailing whitespace. Bug #778088. | Mark Sapiro | 2011-05-09 | 3 | -10/+10 | |
| | ||||||
* | A new list poster password has been implemented. This password may only | Mark Sapiro | 2011-04-25 | 1 | -0/+27 | |
| | | | | | | be used in Approved: or X-Approved: headers for pre-approving posts. Using this password for that purpose precludes compromise of a more valuable password sent in plain text email. Bug #770581. | |||||
* | Added a logout link to the admindb interface and made both admin and | Mark Sapiro | 2011-04-23 | 2 | -3/+27 | |
| | | | | | admindb logout effective for a site admin cookie if allowed. Bug #769318. | |||||
* | Refactor last change for i18n. | Mark Sapiro | 2011-04-15 | 1 | -5/+7 | |
| | ||||||
* | Added a report of the affected members to the warnings issued when | Mark Sapiro | 2011-04-14 | 1 | -3/+5 | |
| | | | | | setting a list with digest members digestable=No and when setting a list with non-digest members nondigestable=no. Bug #761232. | |||||
* | Changed the subscribe CGI to strip leading and trailing whitespace from | Mark Sapiro | 2011-03-29 | 1 | -2/+2 | |
| | | | | the supplied email address. Bug #745432. | |||||
* | An XSS vulnerability, CVE-2011-0707, has been fixed. | Mark Sapiro | 2011-02-18 | 1 | -3/+3 | |
| | ||||||
* | - Fixed an uncaught KeyError when poster tries to cancel a post which was | Mark Sapiro | 2011-02-07 | 1 | -2/+3 | |
| | | | | already handled. Bug #266224. | |||||
* | Updated copyright year for previous change. | Mark Sapiro | 2011-02-05 | 1 | -1/+1 | |
| | ||||||
* | Issue an HTTP 404 status for private archive file not found. | Mark Sapiro | 2011-02-05 | 1 | -0/+1 | |
| | ||||||
* | Made minor wording improvements and typo corrections in some messages. | Mark Sapiro | 2010-09-10 | 2 | -5/+5 | |
| | | | | Bug #426979. | |||||
* | Two potential XSS vulnerabilities have been identified and fixed. | Mark Sapiro | 2010-09-09 | 1 | -2/+2 | |
| | ||||||
* | Fixed admindb interface to decode base64 and quoted-printable encoded | Mark Sapiro | 2010-09-03 | 1 | -1/+1 | |
| | | | | message body excerpts for display. Bug #629738. | |||||
* | Changed the member options login page unsubscribe request to include the | Mark Sapiro | 2010-07-27 | 1 | -1/+2 | |
| | | | | requesters IP address in the confirmation request. Bug #610527. | |||||
* | Increased the font size of 'Welcome!'on admin overview for consistency with ↵ | Mark Sapiro | 2010-07-02 | 1 | -1/+1 | |
| | | | | listinfo. | |||||
* | Fixed an issue in admindb that could result in a KeyError and "we hit a | Mark Sapiro | 2010-06-25 | 1 | -6/+10 | |
| | | | | | bug" response when a moderator acts on a post that had been handled by someone else after the first moderator had retrieved it. Bug #598671. | |||||
* | Fixed a bug which would fail to show a list on the admin and listinfo | Mark Sapiro | 2010-06-23 | 2 | -4/+6 | |
| | | | | overview pages if its web_page_url contained a :port. Bug # 597741. | |||||
* | Added roster to the CGIs that return HTTP 401 status for an authentication | Mark Sapiro | 2010-03-29 | 10 | -0/+22 | |
| | | | | failure, and return HTTP 404 status from all CGIs for an invalid list name. | |||||
* | Reordered the 'cancel' and 'subscribe' buttons on the subscription | Mark Sapiro | 2010-03-06 | 1 | -3/+3 | |
| | | | | | confirmation web page so the default action upon 'enter' will be the subscribe button in browsers that pick the first button. Bug #530654. | |||||
* | Fixed a bug in the admindb interface that could apply a moderator | Mark Sapiro | 2010-03-06 | 1 | -2/+10 | |
| | | | | action to a message not displayed. Bug #533468. | |||||
* | Added a urlhost argument to the MailList.MailList.Create() method to | Mark Sapiro | 2010-02-27 | 1 | -2/+3 | |
| | | | | | | allow bin/newlist and the the create CGI to pass urlhost so the host will be correct in the listinfo link on the emptyarchive page. Bug #529100. | |||||
* | We now give an HTTP 401 status for authentication failures from admin, | Mark Sapiro | 2010-02-04 | 3 | -2/+8 | |
| | | | | admindb, private and options logins. | |||||
* | - Fixed a bug where going to an archives/private/list.mbox/list.mbox URL | Mark Sapiro | 2010-01-21 | 1 | -1/+3 | |
| | | | | would result in a munged URL if authentication was required. Bug #266164. | |||||
* | - Added vette logging for rejected and discarded (un)subscribe requests. | Mark Sapiro | 2009-12-04 | 1 | -1/+1 | |
| | | | | | - Fixed a bug in admindb.py that could erroneously discard an unsubscribe request as a duplicate. | |||||
* | Decoded RFC 2047 encoded message subjects for a few reports. Bug #266428. | Mark Sapiro | 2009-12-03 | 1 | -3/+4 | |
| | ||||||
* | Backported several bug fixes from the 2.2 branch. | Mark Sapiro | 2009-07-31 | 2 | -4/+5 | |
| | ||||||
* | Fixed a bug in admindb.py in the implementation of replacing "No Reason | Mark Sapiro | 2009-02-03 | 1 | -2/+7 | |
| | | | | Given" with the default rejection reason. Bug #325016. | |||||
* | Two of the 'new' class exceptions are raised with an argument. | Mark Sapiro | 2009-01-20 | 1 | -4/+5 | |
| | ||||||
* | Updated links to Python documentation. | Mark Sapiro | 2009-01-11 | 1 | -1/+2 | |
| | ||||||
* | - Fixed the admin Membership List Find member function so the 'letter' | Mark Sapiro | 2009-01-10 | 1 | -2/+5 | |
| | | | | | | | | links to a chunked result would still be limited to the Find member search. SF patch #1532081. - Changed scripts/driver to return a 405 status for non GET, POST, HEAD methods. SF patch #1578756. | |||||
* | Mailman/Utils.py | Mark Sapiro | 2009-01-02 | 1 | -9/+8 | |
| | | | | | | | | | | - Fixed a long standing error that stopped relative hrefs from being generated for links on Mailman's web pages. Mailman/Cgi/admindb.py - Changed the admindb interface so that when messages are rejected from the summary page, the reject reason is the rejection message from the Errors.HoldMessage subclass instead of the generic "No reason given". | |||||
* | Fixed a problem in Decorate which could throw a TypeError on conversion to | Mark Sapiro | 2008-12-07 | 1 | -6/+8 | |
| | | | | | | | | unicode of a header/footer that was already unicode because of interpolating a unicode value. Made a minor change to the authentication logic for displaying hidden members on the roster. | |||||
* | Updated some FAQ URLs for wiki.list.org. | Mark Sapiro | 2008-12-05 | 1 | -1/+1 | |
| | ||||||
* | Apply Heiko Rommel's patch for hashlib deprecation warnings for bug 293178. | Barry Warsaw | 2008-11-12 | 2 | -6/+6 | |
| | | | | I've modified the patch to improve some of the stylistic issues. | |||||
* | Fixed a bug in admin.py which would result in chunked pages of the membership | Mark Sapiro | 2008-07-30 | 1 | -10/+5 | |
| | | | | | | list for members whose address begins with a non-alphanumeric character to not be visible or retrievable. | |||||
* | options.py - Made the ability for a list admin to change a members password | Mark Sapiro | 2008-04-14 | 1 | -0/+8 | |
| | | | | | | | conditional on mm_cfg.OWNERS_CAN_CHANGE_MEMBER_PASSWORDS. Defaults.py.in - Added OWNERS_CAN_CHANGE_MEMBER_PASSWORDS = No. |