Folks,
I've been doing a bit of hacking on Mailman. The issue is that if you set member_moderation_action to be Reject instead of Hold, you can supply a nice little bit of text in member_moderation_notice, or you can let the system supply a standard text for you.
My problem is that I want to leave member_moderation_action set to Hold, and set the generic_nonmember_action to be Reject, but still supply my own text.
Let's look at how these two are handled differently. First, member_moderation_action, has the following lines in Mailman/Handlers/Moderate.py, starting at line 59:
if mlist.getMemberOption(sender, mm_cfg.Moderate):
# Note that for member_moderation_action, 0==Hold, 1=Reject,
# 2==Discard
if mlist.member_moderation_action == 0:
# Hold. BAW: WIBNI we could add the member_moderation_notice
# to the notice sent back to the sender?
msgdata['sender'] = sender
Hold.hold_for_approval(mlist, msg, msgdata,
ModeratedMemberPost)
elif mlist.member_moderation_action == 1:
# Reject
text = mlist.member_moderation_notice
if text:
text = Utils.wrap(text)
else:
# Use the default RejectMessage notice string
text = None
raise Errors.RejectMessage, text
elif mlist.member_moderation_action == 2:
# Discard. BAW: Again, it would be nice if we could send a
# discard notice to the sender
raise Errors.DiscardMessage
else:
assert 0, 'bad member_moderation_action'
# Should we do anything explict to mark this message as getting past
# this point? No, because further pipeline handlers will need to do
# their own thing.
Okay, I don't know Python, but I can kinda follow that. Notice how the value of "text" is modified depending on whether or not member_moderation_notice is empty or not, and how this code directly raises the error instead of calling a subroutine.
Now, let's consider what happens with generic_nonmember_action. We have the following lines in Mailman/Handlers/Moderate.py, starting at line 101:
# Okay, so the sender wasn't specified explicitly by any of the non-member
# moderation configuration variables. Handle by way of generic non-member
# action.
assert 0 <= mlist.generic_nonmember_action <= 4
if mlist.generic_nonmember_action == 0:
# Accept
return
elif mlist.generic_nonmember_action == 1:
Hold.hold_for_approval(mlist, msg, msgdata, Hold.NonMemberPost)
elif mlist.generic_nonmember_action == 2:
do_reject(mlist)
elif mlist.generic_nonmember_action == 3:
do_discard(mlist, msg)
Note how this does very little other than decide which subroutine to call, then call it. No check is made for member_moderation_notice, nor is any specific rejection text supplied. Let's take a look at do_reject(), starting at line 136:
def do_reject(mlist):
listowner = mlist.GetOwnerEmail()
raise Errors.RejectMessage, Utils.wrap(_("""
You are not allowed to post to this mailing list, and your message has been
automatically rejected. If you think that your messages are being rejected in
error, contact the mailing list owner at %(listowner)s."""))
This creates a hard-coded message with a %()s substitution, and sends that out.
Now, am I missing something here, or should we not be calling do_reject() in each of these cases and having just the one canonical "raise Errors.RejectMessage", and passing this routine a string to be used as the rejection notice, or allowing it to decide to fill one in for us in the case that we provide "None"?
Okay, so I modified do_reject to at least check the value of member_moderation_notice and to use that text, if it is non-empty. Here's what I've now got:
def do_reject(mlist):
listowner = mlist.GetOwnerEmail()
text = mlist.member_moderation_notice
if text:
text = Utils.wrap(text)
else:
# Use the default RejectMessage notice string
text = Utils.wrap(_("""
You are not allowed to post to this mailing list, and your message has been
automatically rejected. If you think that your messages are being rejected in
error, contact the mailing list owner at %(listowner)s."""))
# Reject this sucker
raise Errors.RejectMessage, text
This works. Well, mostly. I'd be submitting this as a patch and working on getting this put into production, if it worked completely. I know that what we should really have is a separate generic_nonmember_notice and have the routine check that instead, but I would be willing to take this as a small but significant improvement in the meanwhile.
Problem is, while we can provide a %()s substitution ourselves in the text we feed to Utils.wrap, I can't do the same thing from member_moderation_notice. Instead, it simply outputs the literal string, and gives me "<" and ">" as opposed to the real less-than/greater-than symbols that I want to use around the URLs.
I'm stumped. I don't even know what to search for in the archives of the mailman-users and mailman-developers lists.
Can anyone here lend me a clue?-- Brad Knowles, <brad@stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755SAGE member since 1995. See <http://www.sage.org/> for more info.
At 3:56 PM +0100 2005-01-20, Brad Knowles wrote:
Problem is, while we can provide a %()s substitution ourselves in the text we feed to Utils.wrap, I can't do the same thing from member_moderation_notice. Instead, it simply outputs the literal string, and gives me "<" and ">" as opposed to the real less-than/greater-than symbols that I want to use around the URLs.
I'm stumped. I don't even know what to search for in the archives of the mailman-users and mailman-developers lists.
I just realized that I should give you folks an example of what I'm talking about. With my modified do_reject(), I put the following text into the member_moderation_notice field:
Please note that this mailing list has been closed to postings
via e-mail from non-subscribers.
If you wish to subscribe to this mailing list, please go to
the web page at <https://url.here/mailman/listinfo/listname>
and follow the instructions there.
If you think that your messages are being rejected in error,
please contact the mailing list owner at %(listowner)s.
Here's the literal text that I'm getting back in the error message:
Please note that this mailing list has been closed to postings
via e-mail from non-subscribers.
If you wish to subscribe to this mailing list, please go to
the web page at <https://url.here/mailman/listinfo/listname>
and follow the instructions there.
If you think that your messages are being rejected in error,
please contact the mailing list owner at %(listowner)s.
Notice how we have the undesirable "%lt;" and "%gt;" instead of the proper less-than/greather-than symbols, and the literal "%(listowner)s" instead of the actual listowner address.
Now, here's the default text being fed in via do_reject:
You are not allowed to post to this mailing list, and your
message has been automatically rejected. If you think that
your messages are being rejected in error, contact the
mailing list owner at %(listowner)s.
Finally, here's how that default text looks in the rejection message:
You are not allowed to post to this mailing list, and your
message has been automatically rejected. If you think that
your messages are being rejected in error, contact the
mailing list owner at listname-owner@url.here.
What process is being applied to the literal text supplied within the program, that is not being applied to the member_moderation_notice? How do I make sure that process *is* applied to the member_moderation_notice?
-- Brad Knowles, <brad@stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755SAGE member since 1995. See <http://www.sage.org/> for more info.
Brad Knowles wrote:
At 3:56 PM +0100 2005-01-20, Brad Knowles wrote:
Problem is, while we can provide a %()s substitution ourselves in the text we feed to Utils.wrap, I can't do the same thing from member_moderation_notice. Instead, it simply outputs the literal string, and gives me "<" and ">" as opposed to the real less-than/greater-than symbols that I want to use around the URLs.
I'm stumped. I don't even know what to search for in the archives of the mailman-users and mailman-developers lists.
I just realized that I should give you folks an example of what I'm talking about. With my modified do_reject(), I put the following text into the member_moderation_notice field:
Please note that this mailing list has been closed to postings via e-mail from non-subscribers. If you wish to subscribe to this mailing list, please go to the web page at <https://url.here/mailman/listinfo/listname> and follow the instructions there. If you think that your messages are being rejected in error, please contact the mailing list owner at %(listowner)s.Here's the literal text that I'm getting back in the error message:
Please note that this mailing list has been closed to postings via e-mail from non-subscribers. If you wish to subscribe to this mailing list, please go to the web page at <https://url.here/mailman/listinfo/listname> and follow the instructions there. If you think that your messages are being rejected in error, please contact the mailing list owner at %(listowner)s.Notice how we have the undesirable "%lt;" and "%gt;" instead of the proper less-than/greather-than symbols, and the literal "%(listowner)s" instead of the actual listowner address.
Now, here's the default text being fed in via do_reject:
You are not allowed to post to this mailing list, and your message has been automatically rejected. If you think that your messages are being rejected in error, contact the mailing list owner at %(listowner)s.Finally, here's how that default text looks in the rejection message:
You are not allowed to post to this mailing list, and your message has been automatically rejected. If you think that your messages are being rejected in error, contact the mailing list owner at listname-owner@url.here.What process is being applied to the literal text supplied within the program, that is not being applied to the member_moderation_notice? How do I make sure that process *is* applied to the member_moderation_notice?
There are two different issues here I think.
First is all text entered via the web admin interface is HTML escaped resulting in the <, etc.
To avoid this, set the text for member_moderation_notice using bin/config_list instead of using the web interface.
The second issue is the non replacement of %(listowner)s in your text. As I understand it, the substitution occurs in i18n._() processing of the text. The literal text occurs in
Utils.wrap(_("""
You are not allowed to post to this mailing list, and your message has been automatically rejected. If you think that your messages are being rejected in error, contact the mailing list owner at %(listowner)s."""))
The _() method both replaces this text with the appropriate language translation if the current language is not English and does the %()s substitutions.
Your member_moderation_notice text isn't being processed in this way.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Thu, 20 Jan 2005 18:55:51 -0800, Mark Sapiro <msapiro@value.net> wrote:
First is all text entered via the web admin interface is HTML escaped resulting in the <, etc.
To avoid this, set the text for member_moderation_notice using bin/config_list instead of using the web interface.
This generally needs a better solution. "Use bin/config_list" is fine as a solution for site admins, but isn't useful for list admins - they're basically stuck until the site admins manually handle each request.
Perhaps parsing the escaped bits or tag replacement for the text blobs submitted via the web interface? This isn't a new issue on the web, other people using python must have found some way of dealing with it.
Or, alternatively, perhaps email commands for updating the various text blobs? (that has other charset issues, but...)
Bryan
Bryan Fullerton wrote:
On Thu, 20 Jan 2005 18:55:51 -0800, Mark Sapiro <msapiro@value.net> wrote:
First is all text entered via the web admin interface is HTML escaped resulting in the <, etc.
To avoid this, set the text for member_moderation_notice using bin/config_list instead of using the web interface.
This generally needs a better solution. "Use bin/config_list" is fine as a solution for site admins, but isn't useful for list admins - they're basically stuck until the site admins manually handle each request.
Perhaps parsing the escaped bits or tag replacement for the text blobs submitted via the web interface? This isn't a new issue on the web, other people using python must have found some way of dealing with it.
I agree that it would be good to have a solution that would allow list-admins to put HTML tags or even just "&" characters in some of these fields. Currently, the 'info' field is treated specially and allows anything but a </?script.*> tag. Everything else is fully HTML escaped.
The purpose of this is to prevent XSS attacks presumably by list admins. Since the contents of these fields are displayed on the admin web pages regardless of how they are entered, if list admins are deemed untrustworthy at the site level, they shouldn't be allowed to put this stuff in by any method.
I personally know very little about XSS attacks and am unable to comment intelligently on how much security is required.
Or, alternatively, perhaps email commands for updating the various text blobs? (that has other charset issues, but...)
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
At 6:55 PM -0800 2005-01-20, Mark Sapiro wrote:
First is all text entered via the web admin interface is HTML escaped resulting in the <, etc.
To avoid this, set the text for member_moderation_notice using bin/config_list instead of using the web interface.
Blargh. The goal was to give us something that would be easily editable from the web interface. ;(
Okay, I can work around this.The _() method both replaces this text with the appropriate language translation if the current language is not English and does the %()s substitutions.
Your member_moderation_notice text isn't being processed in this way.
Aha! Okay, I'll try wrapping that call in _() and see if that helps.
Thanks!-- Brad Knowles, <brad@stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755SAGE member since 1995. See <http://www.sage.org/> for more info.
At 9:08 AM +0100 2005-01-21, Brad Knowles wrote:
The _() method both replaces this text with the appropriate language translation if the current language is not English and does the %()s substitutions.
Your member_moderation_notice text isn't being processed in this way.
Aha! Okay, I'll try wrapping that call in _() and see if that helps.
Indeed, this solved the problem. I have since created a patch and uploaded that to <http://sourceforge.net/tracker/index.php?func=detail&aid=1107169&group_id=103&atid=300103>. I'd appreciate it if people would take a look at this patch and give me feedback as to whether or not this looks useful.
In particular, I'd like to get this (or something like it) incorporated into an upcoming version of 2.1.6 and into the version of Mailman that we're running on python.org. This will allow us to present a more friendly face to the non-subscribers who try to post to the mailman-developers and mailman-users mailing lists, among others.
-- Brad Knowles, <brad@stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755SAGE member since 1995. See <http://www.sage.org/> for more info.
participants (3)
-
Brad Knowles -
Bryan Fullerton -
Mark Sapiro