------------------------------------------------------------
revno: 1092
committer: Mark Sapiro <[email protected]>
branch nick: 2.2
timestamp: Thu 2010-02-04 17:24:51 -0800
message:
We now give an HTTP 401 status for authentication failures from admin,
admindb, private and options logins.
modified:
Mailman/Cgi/Auth.py
Mailman/Cgi/options.py
Mailman/Cgi/private.py
NEWS
--
lp:mailman/2.2
https://code.launchpad.net/~mailman-coders/mailman/2.2
Your team Mailman Checkins is subscribed to branch lp:mailman/2.2.
To unsubscribe from this branch go to
https://code.launchpad.net/~mailman-coders/mailman/2.2/+edit-subscription.
=== modified file 'Mailman/Cgi/Auth.py'
--- Mailman/Cgi/Auth.py 2005-08-27 01:40:17 +0000
+++ Mailman/Cgi/Auth.py 2010-02-05 01:24:51 +0000
@@ -1,4 +1,4 @@
-# Copyright (C) 1998,1999,2000,2001,2002 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -42,6 +42,8 @@
actionurl = Utils.GetRequestURI(url)
if msg:
msg = FontAttr(msg, color='#ff0000', size='+1').Format()
+ # give an HTTP 401 for authentication failure
+ print 'Status: 401 Unauthorized'
if scriptname == 'admindb':
who = _('Moderator')
else:
=== modified file 'Mailman/Cgi/options.py'
--- Mailman/Cgi/options.py 2009-03-14 22:18:51 +0000
+++ Mailman/Cgi/options.py 2010-02-05 01:24:51 +0000
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2009 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -253,6 +253,8 @@
'Login failure with private rosters: %s',
user)
user = None
+ # give an HTTP 401 for authentication failure
+ print 'Status: 401 Unauthorized'
loginpage(mlist, doc, user, language)
print doc.Format()
return
=== modified file 'Mailman/Cgi/private.py'
--- Mailman/Cgi/private.py 2010-01-22 04:39:14 +0000
+++ Mailman/Cgi/private.py 2010-02-05 01:24:51 +0000
@@ -131,6 +131,8 @@
if cgidata.has_key('submit'):
# This is a re-authorization attempt
message = Bold(FontSize('+1', _('Authorization failed.'))).Format()
+ # give an HTTP 401 for authentication failure
+ print 'Status: 401 Unauthorized'
# Are we processing a password reminder from the login screen?
if cgidata.has_key('login-remind'):
if username:
=== modified file 'NEWS'
--- NEWS 2010-01-22 04:39:14 +0000
+++ NEWS 2010-02-05 01:24:51 +0000
@@ -83,6 +83,9 @@
Bug Fixes and other patches
+ - We now give an HTTP 401 status for authentication failures from admin,
+ admindb, private and options logins.
+
- Fixed a bug where going to an archives/private/list.mbox/list.mbox URL
would result in a munged URL if authentication was required. Bug #266164.
_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe:
http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
