[Mailman-Developers] Thoughts on processing for pre-approved messages
Mark Sapiro
mark at msapiro.net
Sun Mar 18 18:59:32 CET 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 3/18/2012 3:28 AM, Stephen J. Turnbull wrote:
>
> ... Having both one or more Handlers and a special seems like
> overkill, especially since really one checks the header and the
> other deletes, completely different functionality. Wouldn't it be
> better to have a class variable Mlist.approval_headers =
> ["Approve", "X-Approve"] and have
>
> for h in mlist.approval_headers: if msg[h] ==
> mlist.moderator_password: return True return False
>
> for the chain rule and
>
> for h in mlist.approval_headers: del msg[h]
>
> in a RemoveApprovalHeaders.py pipeline handler?
If that were all that was required, that would be fine. The problem is
that we allow approval via a pseudo-header as the first non-blank body
line in the first text/plain part of the message, and we have to look
for it there and if found, not only remove it from that part, but also
from any alternative parts in which it might appear.
It's the removal of this pseudo-header from text/html alternatives
that is the hard part. See the comment thread at
<https://bugs.launchpad.net/mailman/+bug/266220>.
> ... I think that more likely the problem will be that people will
> misspell the header, or use it in list that doesn't support
> approval-by-header, or grab an incorrect password out of an old
> message, or whatever.
Incorrect password is not an issue because we remove it anyway. The
other things *should* not be a problem because in theory the poster
wouldn't use the header if it weren't required, and in that case, the
post will be held since it isn't pre-approved. Of course in practice,
held posts get approved even if they might leak a password and users
do all sorts of things that don't make sense :(
- --
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFPZiKDVVuXXpU7hpMRAnmWAKD8z234ZKDZGFkAah8jiVW4/Zmd1wCgrtF8
tzWfzmXSJ1uycAo3yeMLpQA=
=08Vm
-----END PGP SIGNATURE-----
More information about the Mailman-Developers
mailing list