[ET Trac] [Einstein Toolkit] #719: Mailing lists could have a link to the archived version of the message
Einstein Toolkit
trac-noreply at einsteintoolkit.org
Sun Jan 26 21:57:13 CST 2014
#719: Mailing lists could have a link to the archived version of the message
--------------------------+-------------------------------------------------
Reporter: hinder | Owner:
Type: enhancement | Status: review
Priority: minor | Milestone:
Component: Other | Version:
Resolution: | Keywords:
--------------------------+-------------------------------------------------
Changes (by rhaas):
* status: reopened => review
Comment:
Attached is a more substantial attempt. comment:5:ticket:1529 raised some
issues wrt to security and unavailability of message-id. I have amended
the patches to fall back to sequence number if message-id is missing
(tough none of the emails in the ET mailing list are lacking a message-id
right now). I have also tried to make the constructed archive path "safe".
I am not concerned with funny urls appearing in the emails, since if I'd
want to stick a strange URL in the mailing list, I could just send an
message to the list. The bigger issue was that the previous patch would
have blindly used the (user supplied) message ID to create the path for
the file that archives the message. Since the archiver can overwrite web-
pages this would have allowed a user to change the website content.
The attached patch tries to provide an archive_url variable that can be
used in the footer. Constructing the URL cannot be done nicely since it
relies on internal knowledge of the archiver (HyperArch) that is not
directly accessible when constructing the footer. So I have put in code
(stolen from the "correct" place) that handles our usage case. One could
probably make this work more nicely, however it seems not worth the
effort.
--
Ticket URL: <https://trac.einsteintoolkit.org/ticket/719#comment:4>
Einstein Toolkit <http://einsteintoolkit.org>
The Einstein Toolkit
More information about the Trac
mailing list