Update of /cvsroot/mailman/mailman/Mailman
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28659
Modified Files:
Tag: Release_2_1-maint
SecurityManager.py Utils.py
Log Message:
[ 1030228 ] Mass Subscribe address with control character - can't delete
Also, '/' can be used now.
Index: SecurityManager.py
===================================================================
RCS file: /cvsroot/mailman/mailman/Mailman/SecurityManager.py,v
retrieving revision 2.20.2.3
retrieving revision 2.20.2.4
diff -u -d -r2.20.2.3 -r2.20.2.4
--- SecurityManager.py 3 Jan 2004 01:13:26 -0000 2.20.2.3
+++ SecurityManager.py 9 Oct 2004 04:15:41 -0000 2.20.2.4
@@ -103,7 +103,7 @@
# A bad system error
raise TypeError, 'No user supplied for AuthUser context'
secret = self.getMemberPassword(user)
- key += 'user+%s' % Utils.ObscureEmail(user)
+ key += 'user+%s' % Utils.ObscureEmail(user).replace('/','%2f')
elif authcontext == mm_cfg.AuthListModerator:
secret = self.mod_password
key += 'moderator'
Index: Utils.py
===================================================================
RCS file: /cvsroot/mailman/mailman/Mailman/Utils.py,v
retrieving revision 2.45.2.8
retrieving revision 2.45.2.9
diff -u -d -r2.45.2.8 -r2.45.2.9
--- Utils.py 18 Sep 2004 06:51:47 -0000 2.45.2.8
+++ Utils.py 9 Oct 2004 04:15:41 -0000 2.45.2.9
@@ -199,7 +199,7 @@
# TBD: what other characters should be disallowed?
-_badchars = re.compile(r'[][()<>|;^,/\200-\377]')
+_badchars = re.compile(r'[][()<>|;^,\000-\037\177-\377]')
def ValidateEmail(s):
"""Verify that the an email address isn't grossly evil."""
_______________________________________________
Mailman-checkins mailing list
[EMAIL PROTECTED]
Unsubscribe: http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
