[Mailman-checkins] [Branch ~mailman-coders/mailman/2.2] Rev 1249: Defended against buggy web servers that don't include an empty

Sat, 06 Apr 2013 22:58:18 -0700 

------------------------------------------------------------
revno: 1249
committer: Mark Sapiro <[email protected]>
branch nick: 2.2
timestamp: Sat 2013-04-06 22:56:29 -0700
message:
  Defended against buggy web servers that don't include an empty
  QUERY_STRING in the CGI environment.  (LP: 1160647)
modified:
  NEWS
  scripts/driver


--
lp:mailman/2.2
https://code.launchpad.net/~mailman-coders/mailman/2.2

Your team Mailman Checkins is subscribed to branch lp:mailman/2.2.
To unsubscribe from this branch go to 
https://code.launchpad.net/~mailman-coders/mailman/2.2/+edit-subscription

=== modified file 'NEWS'
--- NEWS	2013-04-07 00:55:28 +0000
+++ NEWS	2013-04-07 05:56:29 +0000
@@ -102,6 +102,9 @@
 
   Bug Fixes and other patches
 
+    - Defended against buggy web servers that don't include an empty
+      QUERY_STRING in the CGI environment.  (LP: 1160647)
+
     - The Switchboard.finish() method now logs the text of the exception when
       it fails to unlink/preserve a .bak file.  (LP: 1165589)
 

=== modified file 'scripts/driver'
--- scripts/driver	2010-08-08 21:23:25 +0000
+++ scripts/driver	2013-04-07 05:56:29 +0000
@@ -1,6 +1,6 @@
 # -*- python -*-
 
-# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2013 by the Free Software Foundation, Inc.
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -92,6 +92,11 @@
         # Mailman.Cgi package.  That module must have a main() function, which
         # we dig out and call.
         scriptname = sys.argv[1]
+        # Then we truncate sys.argv because buggy web servers have been
+        # observed which do not provide an empty QUERY_STRING in the
+        # environment which causes cgi.FieldStorage() to add sys.argv[1:] to
+        # the constructed instance.
+        del sys.argv[1:]
         # See the reference manual for why we have to do things this way.
         # Note that importing should have no side-effects!
         pkg = __import__('Mailman.Cgi', globals(), locals(), [scriptname])


_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org

Reply via email to