Ralf Jung has proposed merging lp:~ralfjung-e/mailman/csrf-injective into lp:mailman/2.1.
Commit message: Separate data in CSRF token by colon to avoid collisions. Requested reviews: Mailman Coders (mailman-coders) For more details, see: https://code.launchpad.net/~ralfjung-e/mailman/csrf-injective/+merge/347340 This makes the data-to-token function injective. Previously, for example, the list called "list1" and the IP "10.0.0.0" would have the same hash as the list called "list" and the IP "110.0.0.0", as the strings were just concatenated. -- Your team Mailman Checkins is subscribed to branch lp:mailman/2.1. _______________________________________________ Mailman-checkins mailing list Mailman-checkins@python.org Unsubscribe: https://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
