Sophie

Sophie

distrib > Mandriva > 2010.2 > i586 > media > main-updates-src > by-pkgid > 9d94b615bb9c0a8dcc25133cac40cff5 > files > 3

mailman-2.1.13-1.3mdv2010.2.src.rpm


 http://www.mail-archive.com/mailman-developers%40python.org/msg12017.html

diff -Naurp mailman-2.1.13/Mailman/Cgi/listinfo.py mailman-2.1.13.oden/Mailman/Cgi/listinfo.py
--- mailman-2.1.13/Mailman/Cgi/listinfo.py	2009-12-22 19:00:43.000000000 +0100
+++ mailman-2.1.13.oden/Mailman/Cgi/listinfo.py	2010-10-01 13:33:04.481678420 +0200
@@ -94,7 +94,7 @@ def listinfo_overview(msg=''):
             else:
                 advertised.append((mlist.GetScriptURL('listinfo'),
                                    mlist.real_name,
-                                   mlist.description))
+                                   Utils.websafe(mlist.description)))
     if msg:
         greeting = FontAttr(msg, color="ff5060", size="+1")
     else:
diff -Naurp mailman-2.1.13/Mailman/HTMLFormatter.py mailman-2.1.13.oden/Mailman/HTMLFormatter.py
--- mailman-2.1.13/Mailman/HTMLFormatter.py	2009-12-22 19:00:43.000000000 +0100
+++ mailman-2.1.13.oden/Mailman/HTMLFormatter.py	2010-10-01 13:34:43.216731278 +0200
@@ -383,8 +383,9 @@ class HTMLFormatter:
             '<mm-mailman-footer>' : self.GetMailmanFooter(),
             '<mm-list-name>' : self.real_name,
             '<mm-email-user>' : self._internal_name,
-            '<mm-list-description>' : self.description,
-            '<mm-list-info>' : BR.join(self.info.split(NL)),
+            '<mm-list-description>' : Utils.websafe(self.description),
+            '<mm-list-info>' : 
+            '<!---->' + BR.join(self.info.split(NL)) + '<!---->',
             '<mm-form-end>'  : self.FormatFormEnd(),
             '<mm-archive>'   : self.FormatArchiveAnchor(),
             '</mm-archive>'  : '</a>',
diff -Naurp mailman-2.1.13/Mailman/Utils.py mailman-2.1.13.oden/Mailman/Utils.py
--- mailman-2.1.13/Mailman/Utils.py	2009-12-22 19:00:43.000000000 +0100
+++ mailman-2.1.13.oden/Mailman/Utils.py	2010-10-01 13:35:16.302743970 +0200
@@ -911,6 +911,7 @@ _badwords = [
     # Kludge to allow the specific tag that's in the options.html template.
     '<link(?! rel="SHORTCUT ICON" href="<mm-favicon>">)',
     '<meta',
+    '<object',
     '<script',
     r'(?:^|\W)j(?:ava)?script(?:\W|$)',
     r'(?:^|\W)vbs(?:cript)?(?:\W|$)',

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional