aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/HTMLFormatter.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fixes for CVE-2016-6893 and more.Mark Sapiro2016-08-261-2/+9
|
* Because of privacy concerns with the 2.2 backport adding real name toMark Sapiro2015-02-131-1/+1
| | | | | list rosters, this is controlled by a new ROSTER_DISPLAY_REALNAME setting that defaults to No.
* A number of changes from the unofficial 2.2 branch have been backported toMark Sapiro2015-01-221-1/+4
| | | | | the 2.1 branch for release with 2.1.19. The 2.2 branch is now no different from the 2.1 branch and will no longer be maintained.
* Two potential XSS vulnerabilities have been identified and fixed.Mark Sapiro2010-09-091-3/+4
|
* HTMLFormatter.py - list_hidden didn't work for digest members. Fixed.Mark Sapiro2008-02-031-10/+6
|
* - CGI/admin.pymsapiro2007-05-081-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The email address which forms a part of the various CGI data keys in the admin membership list is now urllib.quote()ed. This allows changing options for and unsubbing an address which contains a double-quote character. - CGI/admindb.py Added additional test to not display "Database Updated ..." when coming from the login page. - CGI/roster.py, HTMLFormatter.py Changed to show hidden members when authorization is site or list's admin or moterator password. Patch 1587651. - Defaults.py.in, Handlers/Cleanse_DKIM.py Added a new REMOVE_DKIM_HEADERS Defaults.py/mm_cfg.py setting (default = No) to control removing dkim/domainkey signatures from posts and mail to -owner. - Handlers/Decorate.py, Handlers/Scrubber.py Changed to preserve format=flowed and delsp=yes in the Content-Type: of the body when adding header/footer and when scrubbing attachments and to remove trailing spaces from the header/footer lines so they won't be flowed. Bug 1495122. Fixed a scrubber issue where the i18n translated 'next part' separator can be garbled if the list charset is different from the message. - Queue/Runner.py. Queue/Switchboard.py Now that we have .bak queue entries for recovery, it is no longer the case that an unparseable message is lost. In this case, and in case of other exceptions when dequeueing, I added a preservation feature to move the .bak file to qfiles/shunt as a .psv file and write an appropriate log entry. It is also possible for an attempt to shunt a message to fail. One example that occurred in practice (bug 1656289) was caused by a huge message that threw a MemoryError in processing and then threw another MemoryError in the attempt to pickle the message for the shunt queue. In this case as well, I log and attempt to preserve the original queue entry by renaming.
* CVE-2006-3636. Fixes for various cross-site scripting issues. Discovery bybwarsaw2006-08-301-3/+8
| | | | | Moritz Naumann and most of the repair work done by Mark Sapiro (with some additional work by Barry).
* FSF office has moved to 51 Franklin Street.tkikuchi2005-08-271-1/+1
|
* FormatUsers(): The user portion of the link should honor the settingbwarsaw2003-09-291-9/+10
| | | | of self.obscure_addresses.
* This commit was manufactured by cvs2svn to create branch2003-01-021-0/+433
'Release_2_1-maint'.