On 4/21/20 3:30 AM, Chris Joyce wrote:
Hi,
I would like to know how easy it would be to change the name of the user cookie? ... If someone could let me know, yes its possible that would be great. Actually if someone could say look at this file and that file that would be a great help too.
The relevant code is Mailman/SecurityManager.py line 108 which says
userdata = urllib.quote(Utils.ObscureEmail(user), safe='')Utils.ObscureEmail(user) is what replaces the '@' in the email address with '--at--'. I think it would be fine to just change that line to
userdata = urllib.quote(user, safe='')This will leave the '@' unchanged in user, but urllib.quote will change
it to %40 which I think is OK. The Cookie name is a 'token' as defined
in RFC 2616, sec 2.2 and allows '%' (but not '@'). The inversion at
lines 318-319 does Utils.UnobscureEmail(urllib.unquote(u)).
urllib.unquote will convert %40 back to @ and UnobscureEmail will ignore
the '@', so all should be good.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan