On Monday 11 February 2013 17:12:55 John Pinner wrote: > On 11 February 2013 15:53, Giovanni Bajo <ra...@develer.com> wrote: > > Hello, > > > > we have a static form on the EuroPython website that is used to quickly > > subscribe an user to the mailing list. > > > > The static form sends a POST to the URL > > http://mail.python.org/mailman/subscribe/europython. It used to work last > > year, but it is now broken, with this message: > > > > You must GET the form before submitting it. > > > > It looks like it is some sort of XSS protection. Can we get around it, > > eg: disabling it for the europython list? > > The list runs on a python.org machine 'somewhere in the ether'. We do not > have any kind of admin access to that machine. So, if something cannot be > done through the mailman admin panel, it cannot be done (by any of us).
Yes, I recommend getting in contact with the Mailman administrators at python.org (for specific advice) and/or the Mailman developers via one of their lists (to see if there's a recommended solution in general for Mailman). Details of both can be found here: http://mail.python.org/mailman/listinfo Failing a solution from their side, you could always write a server-side script that does the necessary GET, presumably to obtain a suitable token, and then performs a POST, but it could be tricky to get right. Paul _______________________________________________ Europython-improve mailing list Europython-improve@python.org http://mail.python.org/mailman/listinfo/europython-improve
