jimpop has proposed merging lp:mailman/2.1 into lp:~jimpop/mailman/forwarded_for.
Commit message: Support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR (RFC 7239) Requested reviews: jimpop (jimpop) Related bugs: Bug #265848 in GNU Mailman: "Tiny mistake on the remove a list webpage" https://bugs.launchpad.net/mailman/+bug/265848 Bug #265941 in GNU Mailman: "gate_news: Handling missing groups" https://bugs.launchpad.net/mailman/+bug/265941 Bug #265967 in GNU Mailman: "Breaking signatures in message/rfc822 attachement!" https://bugs.launchpad.net/mailman/+bug/265967 Bug #266106 in GNU Mailman: "Tend to Pending Moderator Requests breaks on a few lists" https://bugs.launchpad.net/mailman/+bug/266106 Bug #266164 in GNU Mailman: "Private archive specific message URL lost in authorization" https://bugs.launchpad.net/mailman/+bug/266164 Bug #266391 in GNU Mailman: "difficult to use radio and check boxes in admin interface" https://bugs.launchpad.net/mailman/+bug/266391 Bug #266428 in GNU Mailman: "missing MIME decodes for Subject headers" https://bugs.launchpad.net/mailman/+bug/266428 Bug #266442 in GNU Mailman: "UNsubscribe NON-subscribers?!" https://bugs.launchpad.net/mailman/+bug/266442 Bug #266572 in GNU Mailman: "Fix to fallback of thread by subject" https://bugs.launchpad.net/mailman/+bug/266572 Bug #266609 in GNU Mailman: "Auto Approval of subscriptions for certain domains" https://bugs.launchpad.net/mailman/+bug/266609 Bug #266754 in GNU Mailman: "Add names to roster" https://bugs.launchpad.net/mailman/+bug/266754 Bug #266809 in GNU Mailman: "Feature Request: Admin change subscriber's e-mail" https://bugs.launchpad.net/mailman/+bug/266809 Bug #277630 in GNU Mailman: "mistyped symbol in russian template" https://bugs.launchpad.net/mailman/+bug/277630 Bug #280418 in GNU Mailman: "bin/arch --wipe removes empty archive directories" https://bugs.launchpad.net/mailman/+bug/280418 Bug #284802 in GNU Mailman: "check_perms script is not taking care on digest.mbox files" https://bugs.launchpad.net/mailman/+bug/284802 Bug #297795 in GNU Mailman: "Duplicate message removale using case-sensitive email address comparison" https://bugs.launchpad.net/mailman/+bug/297795 Bug #299220 in GNU Mailman: "Plus char ('+') in subscribed address breaks cookies" https://bugs.launchpad.net/mailman/+bug/299220 Bug #308152 in GNU Mailman: "unicodedecode still kills things" https://bugs.launchpad.net/mailman/+bug/308152 Bug #309757 in GNU Mailman: "Spelling error and grammatical error on "Privacy options" page" https://bugs.launchpad.net/mailman/+bug/309757 Bug #310124 in GNU Mailman: "URL link in archive includes surrounding apostrophe" https://bugs.launchpad.net/mailman/+bug/310124 Bug #312119 in GNU Mailman: "list_lists help message French translation is incomplete" https://bugs.launchpad.net/mailman/+bug/312119 Bug #318794 in GNU Mailman: "Suspicious HTML in default user-specific options template" https://bugs.launchpad.net/mailman/+bug/318794 Bug #325016 in GNU Mailman: "Unable to process subscription requests" https://bugs.launchpad.net/mailman/+bug/325016 Bug #327008 in GNU Mailman: "Shunting messages when topic-keyword is defined twice" https://bugs.launchpad.net/mailman/+bug/327008 Bug #328353 in GNU Mailman: "decoding unicode (still) not supported bug" https://bugs.launchpad.net/mailman/+bug/328353 Bug #328907 in GNU Mailman: "Simple patch to make genaliases explicitly vmap to @localhost" https://bugs.launchpad.net/mailman/+bug/328907 Bug #407625 in GNU Mailman: "misc/Makefile.in missing DESTDIR variable" https://bugs.launchpad.net/mailman/+bug/407625 Bug #411192 in GNU Mailman: "wrong path usage in check_perms_grsecurity.py" https://bugs.launchpad.net/mailman/+bug/411192 Bug #412293 in GNU Mailman: "qmail-to-mailman.py missing commands" https://bugs.launchpad.net/mailman/+bug/412293 Bug #418728 in GNU Mailman: "bounce notification does not include reason" https://bugs.launchpad.net/mailman/+bug/418728 Bug #426979 in GNU Mailman: "Mistakes in mailman strings." https://bugs.launchpad.net/mailman/+bug/426979 Bug #427962 in GNU Mailman: "Replybot sends wrong reply for list-join mail" https://bugs.launchpad.net/mailman/+bug/427962 Bug #514050 in GNU Mailman: "listinfo.html templates have a misplaced form start tag" https://bugs.launchpad.net/mailman/+bug/514050 Bug #526143 in GNU Mailman: "List-Post header should be retained in MIME digest messages" https://bugs.launchpad.net/mailman/+bug/526143 Bug #529100 in GNU Mailman: "Initial 'emptyarchive' page can have wrong host name in listinfo page link" https://bugs.launchpad.net/mailman/+bug/529100 Bug #530654 in GNU Mailman: "Active button on /cgi-bin/mailman/confirm is 'cancel'" https://bugs.launchpad.net/mailman/+bug/530654 Bug #533468 in GNU Mailman: "admindb interface applies action to not yet seen messages from user." https://bugs.launchpad.net/mailman/+bug/533468 Bug #545772 in GNU Mailman: "An error in Simplified Chinese translation" https://bugs.launchpad.net/mailman/+bug/545772 Bug #558096 in GNU Mailman: "more verbose "discarded" message in vette log" https://bugs.launchpad.net/mailman/+bug/558096 Bug #558240 in GNU Mailman: "Make password mailing RFC 3834 compliant" https://bugs.launchpad.net/mailman/+bug/558240 Bug #558253 in GNU Mailman: "Report only bad emails in emaillistex" https://bugs.launchpad.net/mailman/+bug/558253 Bug #558254 in GNU Mailman: "Log error on screwed-up template in archiver" https://bugs.launchpad.net/mailman/+bug/558254 Bug #558274 in GNU Mailman: "Add support for digest_size_threshold = 0" https://bugs.launchpad.net/mailman/+bug/558274 Bug #576675 in GNU Mailman: "Content filtering fails to collapse alternatives." https://bugs.launchpad.net/mailman/+bug/576675 Bug #587657 in GNU Mailman: "bin/genaliases throws TypeError if MTA = None." https://bugs.launchpad.net/mailman/+bug/587657 Bug #597741 in GNU Mailman: "Lists missing from listinfo and admin overviews if host contains :port." https://bugs.launchpad.net/mailman/+bug/597741 Bug #598671 in GNU Mailman: "KeyError in admindb when acting on a previously handled post." https://bugs.launchpad.net/mailman/+bug/598671 Bug #629738 in GNU Mailman: "admindb details doesn't decode message body." https://bugs.launchpad.net/mailman/+bug/629738 Bug #632660 in GNU Mailman: "Errors in interpolation formats in strings can cause shunted messages." https://bugs.launchpad.net/mailman/+bug/632660 Bug #725498 in GNU Mailman: "expose message-id to templates" https://bugs.launchpad.net/mailman/+bug/725498 Bug #1068837 in GNU Mailman: "Automatic rejects of incoming posts are not logged." https://bugs.launchpad.net/mailman/+bug/1068837 Bug #1074592 in GNU Mailman: "Qmail detector fails on non-ASCII messages" https://bugs.launchpad.net/mailman/+bug/1074592 Bug #1079249 in GNU Mailman: "mail.ru bounces support" https://bugs.launchpad.net/mailman/+bug/1079249 Bug #1079254 in GNU Mailman: "Doesn't handle sendmail bounces properly" https://bugs.launchpad.net/mailman/+bug/1079254 Bug #1082308 in GNU Mailman: "The qrunner-master lock file causes issues when running clustered" https://bugs.launchpad.net/mailman/+bug/1082308 Bug #1082711 in GNU Mailman: "bin/list_lists needs an option for listing only lists with public archives." https://bugs.launchpad.net/mailman/+bug/1082711 Bug #1082746 in GNU Mailman: "Automated processes can swamp a list with web subscription requests." https://bugs.launchpad.net/mailman/+bug/1082746 Bug #1098162 in GNU Mailman: "mailman 1:2.1.15-1 FTBFS on amd64 in raring" https://bugs.launchpad.net/mailman/+bug/1098162 Bug #1129742 in GNU Mailman: "New Majordomo-to-Mailman-2.x import script" https://bugs.launchpad.net/mailman/+bug/1129742 Bug #1138578 in GNU Mailman: "pt_BR message typo" https://bugs.launchpad.net/mailman/+bug/1138578 Bug #1157961 in GNU Mailman: "Bounce processing fails to recognize a particular Yahoo bounce" https://bugs.launchpad.net/mailman/+bug/1157961 Bug #1160138 in GNU Mailman: "The Spanish (es) message catalog has several errors." https://bugs.launchpad.net/mailman/+bug/1160138 Bug #1160647 in GNU Mailman: "request forgery check displayed when only viewing admin pages" https://bugs.launchpad.net/mailman/+bug/1160647 Bug #1161445 in GNU Mailman: "Localization issue with 'remove_members' and possible fix" https://bugs.launchpad.net/mailman/+bug/1161445 Bug #1161610 in GNU Mailman: "BounceRunner can create and leave behind zero length bounce-events files." https://bugs.launchpad.net/mailman/+bug/1161610 Bug #1161642 in GNU Mailman: "The subscribe log entry for a bin/add_members subscribe doesn't say where it came from." https://bugs.launchpad.net/mailman/+bug/1161642 Bug #1164160 in GNU Mailman: "The admindb summaries of held subscriptions and unsubscriptions are unsorted." https://bugs.launchpad.net/mailman/+bug/1164160 Bug #1165589 in GNU Mailman: "Switchboard fails to log the error message with some exceptions." https://bugs.launchpad.net/mailman/+bug/1165589 Bug #1187201 in GNU Mailman: "It is possible to add addresses to *_these_nonmembers from the admindb interface that cause later problems." https://bugs.launchpad.net/mailman/+bug/1187201 Bug #1189558 in GNU Mailman: "mailmanctl -s will remove non-stale locks" https://bugs.launchpad.net/mailman/+bug/1189558 Bug #1190802 in GNU Mailman: "admin interface CSRF check fails if listname contains '+'" https://bugs.launchpad.net/mailman/+bug/1190802 Bug #1200763 in GNU Mailman: "bin/newlist should be more helpful when reporting bad owner address" https://bugs.launchpad.net/mailman/+bug/1200763 Bug #1203200 in GNU Mailman: "cron/disabled sends stale cookies and can make invalid calls to _BounceInfo()" https://bugs.launchpad.net/mailman/+bug/1203200 Bug #1234567 in GNU Mailman: "Czech catalog bug" https://bugs.launchpad.net/mailman/+bug/1234567 Bug #1235101 in GNU Mailman: "Mailman 2.1.15 and later crashes on more email" https://bugs.launchpad.net/mailman/+bug/1235101 Bug #1241770 in GNU Mailman: "PATCH: Installation with DESTDIR leaves DESTDIR/ prefixes in .pyc files" https://bugs.launchpad.net/mailman/+bug/1241770 Bug #1243343 in GNU Mailman: "bin/sync_members throws UnicodeDecodeError with non-ascii names." https://bugs.launchpad.net/mailman/+bug/1243343 Bug #1246039 in GNU Mailman: "Non-standard headers can leak sender information to anonymous lists." https://bugs.launchpad.net/mailman/+bug/1246039 Bug #1248855 in GNU Mailman: "Mailman 2.1.16 Japanese translation update" https://bugs.launchpad.net/mailman/+bug/1248855 Bug #1251495 in GNU Mailman: "Lists with topics enabled can throw unexpected keyword argument 'Delete' exception." https://bugs.launchpad.net/mailman/+bug/1251495 Bug #1251917 in GNU Mailman: "The sample init.d/mailman script lacks a reopen command." https://bugs.launchpad.net/mailman/+bug/1251917 Bug #1252575 in GNU Mailman: "The Mail<->News gateway doesn't honor moderation or *_these_nonmembers for messages gated from usnet." https://bugs.launchpad.net/mailman/+bug/1252575 Bug #1257112 in GNU Mailman: "If AUTHENTICATION_COOKIE_LIFETIME is non-zero, some cookies are not refreshed and expire too soon." https://bugs.launchpad.net/mailman/+bug/1257112 Bug #1258703 in GNU Mailman: "Email address validation incorrectly rejects local parts beginning with hyphen and accepts domain pieces beginning with hyphen." https://bugs.launchpad.net/mailman/+bug/1258703 Bug #1260883 in GNU Mailman: "bin/arch with the --start option creates scrubbed attachments for skipped messages." https://bugs.launchpad.net/mailman/+bug/1260883 Bug #1262950 in GNU Mailman: "Recent changes cause a few tests/test_handlers.py tests to fail" https://bugs.launchpad.net/mailman/+bug/1262950 Bug #1263247 in GNU Mailman: "Bounce warnings from kundenserver.de are not recognized" https://bugs.launchpad.net/mailman/+bug/1263247 Bug #1267003 in GNU Mailman: "POSTFIX_STYLE_VIRTUAL_DOMAINS must be case-insensitively" https://bugs.launchpad.net/mailman/+bug/1267003 Bug #1275964 in GNU Mailman: "error in templates/fr/listinfo.html when digests are disabled" https://bugs.launchpad.net/mailman/+bug/1275964 Bug #1277744 in GNU Mailman: "confirm CGI says subscription requires approval for invitations." https://bugs.launchpad.net/mailman/+bug/1277744 Bug #1279667 in GNU Mailman: "from_is_list modifications should not apply to Mailman generated messages" https://bugs.launchpad.net/mailman/+bug/1279667 Bug #1282365 in GNU Mailman: "Crash in ListAdmin.py when moderator preserves a message and HOLD_MESSAGES_AS_PICKLES = No" https://bugs.launchpad.net/mailman/+bug/1282365 Bug #1291038 in GNU Mailman: "cron/nightly_gzip throws NameError if given -h option." https://bugs.launchpad.net/mailman/+bug/1291038 Bug #1295875 in GNU Mailman: "Several Mailman log messages fail to include the list name or module name." https://bugs.launchpad.net/mailman/+bug/1295875 Bug #1304511 in GNU Mailman: "The from_is_list feature does not identify the poster in From: if the poster's From: has no display name." https://bugs.launchpad.net/mailman/+bug/1304511 Bug #1307454 in GNU Mailman: "Admin Membership List Find member search string is lost when letters are chunked." https://bugs.launchpad.net/mailman/+bug/1307454 Bug #1308655 in GNU Mailman: "Bounce processing notifications can be sent in the wrong language." https://bugs.launchpad.net/mailman/+bug/1308655 Bug #1311431 in GNU Mailman: "The DMARC Munge From action results in the author's email address to not be in archives or plain digests." https://bugs.launchpad.net/mailman/+bug/1311431 Bug #1312970 in GNU Mailman: "DMARC munge action breaks CC: header with full personalization" https://bugs.launchpad.net/mailman/+bug/1312970 Bug #1313010 in GNU Mailman: "DMARC change breaks reply_goes_to_list" https://bugs.launchpad.net/mailman/+bug/1313010 Bug #1313146 in GNU Mailman: "Precedence header differs between moderation and list emails" https://bugs.launchpad.net/mailman/+bug/1313146 Bug #1315970 in GNU Mailman: "The DMARC Munge From action inconsistently removes the original Sender: header." https://bugs.launchpad.net/mailman/+bug/1315970 Bug #1316682 in GNU Mailman: "The DMARC Wrap Message action is incompatible with some older Python email libraries." https://bugs.launchpad.net/mailman/+bug/1316682 Bug #1318025 in GNU Mailman: "The DMARC mitigatation actions do not include a Reply-To: header in rare cases." https://bugs.launchpad.net/mailman/+bug/1318025 Bug #1324541 in GNU Mailman: "If the dnspython package is not available and dmarc_moderation_action is not accept, nothing is logged." https://bugs.launchpad.net/mailman/+bug/1324541 Bug #1327404 in GNU Mailman: "Mailman's log files are world readable" https://bugs.launchpad.net/mailman/+bug/1327404 Bug #1331194 in GNU Mailman: "French translation on main Mailman page" https://bugs.launchpad.net/mailman/+bug/1331194 Bug #1334450 in GNU Mailman: "If a message is held for header_filter_rules and subsequently approved, dmarc_moderation_action is bypassed." https://bugs.launchpad.net/mailman/+bug/1334450 Bug #1360616 in GNU Mailman: "mailman: case-sensitivity issue in tarball for 2.18.1-1" https://bugs.launchpad.net/mailman/+bug/1360616 Bug #1363278 in GNU Mailman: "REMOVE_DKIM_HEADERS value 2 not reacted to" https://bugs.launchpad.net/mailman/+bug/1363278 Bug #1371678 in GNU Mailman: "The list poster password should be accepted in an Urgent: header." https://bugs.launchpad.net/mailman/+bug/1371678 Bug #1372199 in GNU Mailman: "in emails, unsubscribe links should not react to HTTP HEAD requests" https://bugs.launchpad.net/mailman/+bug/1372199 Bug #1382150 in GNU Mailman: "feature request: add option for list owner to receive copies of all bounce mail" https://bugs.launchpad.net/mailman/+bug/1382150 Bug #1388614 in GNU Mailman: "archive problem when an email got not subject" https://bugs.launchpad.net/mailman/+bug/1388614 Bug #1390653 in GNU Mailman: "If a user is unsubscribed after retrieving her options page and before submitting an unsub, an uncaught exception is thrown" https://bugs.launchpad.net/mailman/+bug/1390653 Bug #1397170 in GNU Mailman: "admin CGI throws UnicodeDecodeError when certain list text attrubutes are unicodes" https://bugs.launchpad.net/mailman/+bug/1397170 Bug #1400200 in GNU Mailman: "Confirmations with Subject: Re:confirm ... aren't recognized." https://bugs.launchpad.net/mailman/+bug/1400200 Bug #1400988 in GNU Mailman: "The Subject: of the list welcome message isn't always in the users preferred language." https://bugs.launchpad.net/mailman/+bug/1400988 Bug #1402989 in GNU Mailman: "Mailman 2.1.18-1+ Japanese translation update" https://bugs.launchpad.net/mailman/+bug/1402989 Bug #1403462 in GNU Mailman: "listaddr and listadmin variables have not properly substituted in invite.txt template" https://bugs.launchpad.net/mailman/+bug/1403462 Bug #1404511 in GNU Mailman: "No way to change default setting to mass-invite instead of mass-subscribe in admin interface" https://bugs.launchpad.net/mailman/+bug/1404511 Bug #1407098 in GNU Mailman: "When munging From and Reply-To, add original author To Cc instead of Reply-To" https://bugs.launchpad.net/mailman/+bug/1407098 Bug #1408575 in GNU Mailman: "Python Powered logo is an old versiom" https://bugs.launchpad.net/mailman/+bug/1408575 Bug #1409396 in GNU Mailman: "It is difficult to add css or other info to Mailman's generated pages." https://bugs.launchpad.net/mailman/+bug/1409396 Bug #1414864 in GNU Mailman: "If a list name contains regexp special characters, bin/rmlist can fail in various ways" https://bugs.launchpad.net/mailman/+bug/1414864 Bug #1415406 in GNU Mailman: "Message excerpt corruption on admindb Web UI" https://bugs.launchpad.net/mailman/+bug/1415406 Bug #1415489 in GNU Mailman: "translation doesn't work for the confim subscribing interface's main block" https://bugs.launchpad.net/mailman/+bug/1415489 Bug #1417093 in GNU Mailman: "list of users approved for any list on the site" https://bugs.launchpad.net/mailman/+bug/1417093 Bug #1418448 in GNU Mailman: "Change encoding of Russian messages to UTF-8 by default" https://bugs.launchpad.net/mailman/+bug/1418448 Bug #1418735 in GNU Mailman: "iso-8859-2 is inappropraite for Romanian - should be utf-8" https://bugs.launchpad.net/mailman/+bug/1418735 Bug #1419132 in GNU Mailman: "An Organization: header is not removed from posts to anonymous lists." https://bugs.launchpad.net/mailman/+bug/1419132 Bug #1423323 in GNU Mailman: "Revised Interlingua (ia) translation for Mailman 2.1.19" https://bugs.launchpad.net/mailman/+bug/1423323 Bug #1426825 in GNU Mailman: "CommandRunner throws KeyError" https://bugs.launchpad.net/mailman/+bug/1426825 Bug #1426829 in GNU Mailman: "CommandRunner can look too far for command words and 'Subject: Re: Command is case sensitive." https://bugs.launchpad.net/mailman/+bug/1426829 Bug #1427389 in GNU Mailman: "SpamDetect throws LookupError if a message has an RFC 2047 encoded header with an unknown encoding." https://bugs.launchpad.net/mailman/+bug/1427389 Bug #1437145 in GNU Mailman: "Path traversal vulnerability exists in Mailman and can be exploited if Mailman's MTA is Exim." https://bugs.launchpad.net/mailman/+bug/1437145 Bug #1442298 in GNU Mailman: "Find member does not match name in multibyte characters" https://bugs.launchpad.net/mailman/+bug/1442298 Bug #1444673 in GNU Mailman: "Anonymous lists can expose the sending domain." https://bugs.launchpad.net/mailman/+bug/1444673 Bug #1447445 in GNU Mailman: "Web subscribe can fail in cases of load balancers or other devices." https://bugs.launchpad.net/mailman/+bug/1447445 Bug #1450826 in GNU Mailman: "DMARC entries in the vette log don't include the list name." https://bugs.launchpad.net/mailman/+bug/1450826 Bug #1459236 in GNU Mailman: "Mailman/Postfix integration doesn't generate virtual maps for all site list domains." https://bugs.launchpad.net/mailman/+bug/1459236 Bug #1462755 in GNU Mailman: "qrunner crashes on invalid unicode sequence" https://bugs.launchpad.net/mailman/+bug/1462755 For more details, see: https://code.launchpad.net/~mailman-coders/mailman/2.1/+merge/262716 This branch adds support for HTTP_X_FORWARDED_FOR and HTTP_FORWARDED_FOR, it also removes REMOTE_HOST as that is never reliable (i.e. the data for REMOTE_HOST is defined elsewhere and subject to change). This branch also identifies the remote IP in "Possible malformed path attack" errors. -- Your team Mailman Checkins is subscribed to branch lp:mailman/2.1. _______________________________________________ Mailman-checkins mailing list Mailman-checkins@python.org Unsubscribe: https://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
