[Mailman-Users] error message while adding members
fmouse-mailman at fmp.com
Sat Nov 3 19:54:02 CET 2012
On Sat, 2012-11-03 at 23:19 +0530, Amit Bhatt wrote:
> Dear Lindsay,
> Thanks for your excellent suggestion, it has worked for me!
> Now the subscription is being done smoothly.
This addresses the symptom, but not the underlying problem, which may
recur. HTTP caching can be fairly complex, and your local browser cache
is simply the last link in the chain. Clearing your browser's cache
each time before loading this form will avoid the problem, but not solve
it, and it shouldn't be necessary.
Deleting your browser cache forces a refresh from the server, or proxy
server, but the underlying problem is that your browser _thinks_ that it
has the most recent version of the form page in its cache, so it
displays it. Mailman's CGI mechanism that issues the form page should
always inform the user agent, or proxy server, that the page is new, so
that any agent in the chain, proxy server or browser, will discard a
cached version and reload it. So what's broken here is the exchange of
this information. I suppose this _could_ be a browser problem, but IMHO
it's more likely to be a problem further back toward the server, or on
the server itself.
Every mass subscription page form has a token, labeled "csrf_token", the
value of which is a string of letters and numbers, and is different each
time the page is generated by the CGI script. This token is sent back
to Mailman when you submit the form. This token is interpreted by
Mailman, which uses it to determine how long ago the page was generated,
and to refuse it if the page is older than FORM_LIFETIME, set in
Defaults.py or mm_cfg.py. So because this token changes with every
service of this form, the page is always "new" and every element of the
connection between the CGI script and your browser should be told that
this is the case.
A couple of questions might help to understand this:
* Are you using a HTTP proxy server? This information would have been
intentionally set in your browser's configuration. If so, do you know
anything about this proxy server?
* What kind and version of browser are you using?
* On what kind of system is Mailman running and what kind (Apache,
MSIIS, etc.) and version is the web server?
> Amit Bhatt
> ----- Original Message -----
> From: "Lindsay Haisley" <fmouse-mailman at fmp.com>
> To: <mailman-users at python.org>
> Sent: Saturday, November 03, 2012 10:36 PM
> Subject: Re: [Mailman-Users] error message while adding members
> > On Sat, 2012-11-03 at 07:52 -0700, Mark Sapiro wrote:
> >> What the message is telling you is that the mass subscribe form you are
> >> submitting was retrieved from the host longer than FORM_LIFETIME
> >> before it was submitted. If this is not the case, there is some issue
> >> in your web server. Perhaps the FAQ at <http://wiki.list.org/x/ioA9>
> >> is applicable.
> > Could this be caused by a web proxy that's improperly caching the form
> > page and serving it to the client in spite of the fact that csrf_token
> > has changed? Or improperly indicating to the client that the page
> > hasn't changed so that the client displays from its its own cache
> > instead of requesting it again from the server?
> > Amit, I think a good test here would be to clear your browser's cache,
> > reload the subscription form, and see if you get the same error. The
> > experts may have a better suggestion, but this is what I'd try.
> > --
> > Lindsay Haisley | "In an open world, who needs
> > FMP Computer Services | Windows or Gates"
> > 512-259-1190 |
> > http://www.fmp.com |
> > ------------------------------------------------------
> > Mailman-Users mailing list Mailman-Users at python.org
> > http://mail.python.org/mailman/listinfo/mailman-users
> > Mailman FAQ: http://wiki.list.org/x/AgA3
> > Security Policy: http://wiki.list.org/x/QIA9
> > Searchable Archives:
> > http://www.mail-archive.com/mailman-users%40python.org/
> > Unsubscribe:
> > http://mail.python.org/mailman/options/mailman-users/misterbhatt%40gmail.com
More information about the Mailman-Users