aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Utils.py (unfollow)
Commit message (Expand)AuthorFilesLines
2015-09-16Defended against a user submitting URLs with query fragments or POSTMark Sapiro1-0/+16
2015-06-23Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) Jim Popovitch1-1/+5
2015-05-01The vette log entry for DMARC policy hits now contains the list name.Mark Sapiro1-4/+4
2015-03-27Fix for path traversal vulnerability.Mark Sapiro1-0/+6
2015-01-23Implemented the equivalent domains feature for list posting/moderation.Mark Sapiro1-0/+34
2015-01-22A number of changes from the unofficial 2.2 branch have been backported toMark Sapiro1-1/+57
2014-09-21The options CGI now rejects all but HTTP GET and POST requests.Mark Sapiro1-0/+5
2014-05-29If checking DNS for dmarc_moderation_action and DNS lookup is notMark Sapiro1-1/+5
2014-05-02Make dmarc_quarantine_moderaction_action a list setting.Mark Sapiro1-3/+2
2014-05-02More fine tuning of dmarc_moderation_action.Mark Sapiro1-8/+8
2014-04-19The new Utils.IsDMARCProhibited() used collections.defaultdict whichMark Sapiro1-3/+2
2013-12-06Fixed email address validation to do a bit better in obscure cases.Mark Sapiro1-3/+4
2013-11-08Added suuport for p=quarantine based on feedback from Franck Martin.Jim Popovitch1-0/+5
2013-10-20Incorporated some feedback from Mark S.Jim Popovitch1-1/+1
2013-03-18Handle CNAMEs when chasing DMARC TXT records.Phil Pennock1-5/+44
2013-03-03Hold/Reject/Discard moderation support for Senders with a DMARC p=reject policyJim Popovitch1-0/+39
2011-11-13Strengthened the validation of email addresses.Mark Sapiro1-8/+3
2011-09-15Strengthened the validation of email address domains.Mark Sapiro1-0/+6
2011-05-01Made the web escaping of additional characters a configuration setting.Mark Sapiro1-12/+6
2011-04-26Yet another change to the broken browser HTML escaping.Mark Sapiro1-1/+2
2011-04-26Don't try converting non-ascii to HTML entities in unicode.Mark Sapiro1-2/+5
2011-04-25Strengthened escaping of user web data by including some characters thatMark Sapiro1-0/+8
2011-03-21Changed the maximum number of arguments for the who command to beMark Sapiro1-2/+2
2010-09-09Two potential XSS vulnerabilities have been identified and fixed.Mark Sapiro1-93/+94
2009-08-01XSS protection in the web interface went too far in escaping HTMLMark Sapiro1-1/+3
2009-07-31Backported several bug fixes from the 2.2 branch.Mark Sapiro1-20/+21
2009-01-02Mailman/Utils.pyMark Sapiro1-2/+2
2008-12-05Changed the regexp for Utils.suspiciousHTML to exempt theMark Sapiro1-1/+2
2008-11-12Apply Heiko Rommel's patch for hashlib deprecation warnings for bug 293178.Barry Warsaw1-3/+14
2008-05-07Changed Utils.ValidateEmail to not allow specials (particularly ':')Mark Sapiro1-2/+9
2007-12-04Mailman/Cgi/edithtml.pyMark Sapiro1-0/+151
2007-11-25Mailman/Defaults.py.inMark Sapiro1-0/+3
2007-07-17Detect 'who' with 1 or 2 arguments as administrivia.Mark Sapiro1-2/+2
2006-08-30CVE-2006-3636. Fixes for various cross-site scripting issues. Discovery bybwarsaw1-1/+1
2006-07-30Back port Python 2.5 compatibility changes to Mailman 2.1. Specifically,bwarsaw1-3/+5
2006-06-23- Decorate.py Fixed bug 1507248 by ignoring header/footer charactersmsapiro1-2/+8
2006-03-18Improved fix for bug 1275856 to return host part of DEFAULT_URL if any frommsapiro1-7/+5
2006-03-12Fixed long standing bug (1275856) - get_domain() returned DEFAULT_EMAIL_HOSTmsapiro1-3/+8
2005-08-27FSF office has moved to 51 Franklin Street.tkikuchi1-1/+1
2005-01-16New names added to ACKNOWLEDGMENTS. Updated NEWS in preparation for 2.1.6b1.bwarsaw1-1/+1
2005-01-11Sorry, leagality of '%' and '!' is a matter of MTA (of the user's).tkikuchi1-1/+1
2005-01-11Add '%' and '!' in _badchars. They are used for source routing.tkikuchi1-1/+1
2004-12-31Secure_MakeRandomPassword(): Log an error when secure passwords were requestedbwarsaw1-0/+3
2004-12-30From the NEWS file:bwarsaw1-6/+45
2004-10-09[ 1030228 ] Mass Subscribe address with control character - can't deletetkikuchi1-1/+1
2004-09-18More error handling for oneline().tkikuchi1-1/+2
2003-12-26oneline(): Another part of TK's patch # 865661. This one adds abwarsaw1-0/+15
2003-12-01True/False where appropriate.bwarsaw1-1/+1
2003-10-07wrap(): Minor code cleaning.bwarsaw1-4/+2
2003-09-22Backporting from the HEAD -- Mailman packagebwarsaw1-4/+26