Some forms in list admin interfaces use absolute links in form action
Bug #1279980 reported by
Vitor Choi Feitosa
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
GNU Mailman |
Incomplete
|
Low
|
Mark Sapiro |
Bug Description
Some forms in admin interface, like the one on list member management -- https:/
POST data then gets transmitted in the clear because that absolute link points to http instead of https address.
I'm running mailman 2.1.14
To post a comment you must log in.
If you want to use https, you need to set DEFAULT_URL_PATTERN to an https scheme in mm_cfg.py, e.g.
DEFAULT_URL_PATTERN = 'https:/ /%s/mailman/ '
and then run fix_url to update the web_page_url attribute of your lists. See the FAQ at <http:// wiki.list. org/x/7oA9>.