[Mailman-Users] form-action tag and http-redirects -> a solution?

[Oliver Paulzen]

Dear Mailman-users,

the following has already been discussed on this list but the
suggested solutions don't satisfy my needs which are to provide
mailinglist services to two kind of customers:

* users on out internal network
* users somewhere on the internet

The first group of people have to be able to use the mailman
webinterface via HTTP, the later are forced to connect with HTTPS
(company policy, not negotiable)

We're kind of forced to realize this by setting up the mailman server
on our internal network and to provide the webinterface though an
existing reverse-proxy (squid with https in reverse-proxy mode) to the
outside world.
In addition to the squid running on the reverse-proxy machine, an
apache-server listens on the same (outside) address. All it does is to
redirect http-requests to the corresponding https-url using
mod_rewrite.

And that's where the story begins:

Customers who connect to the mailman interface from the internet
through our reverse-proxy aren't able to "submit their changes". This
is because "http://ourserver/somecgi" is hardcoded in each 
<form action=...> -tag, so the submit-request is sent to the
reverse-proxys' apache which does the redirection to the squid. The
post-data gets lost on the way and the request ends up doing nothing.

To make a long story short: I really don't understand why the
form-action has to have the whole protocol and servername in its
target. Is there any reason for not using the "relative" uri and to
let the browser do its job of forming the complete url? This way, the
interface would be independent of servername and protocol as seen
by the browser. Maybe I don't see the "whole picture" here, but this
is what gives us a bad headache in our setup.

Actually, I did some code digging (probably because I'm just too blind
to find the right configuration value to solve my problem easily). I'm
not much of a python-hacker (not much of a programmer at all in fact),
but the attached "patch" does seem to fit our needs by removing
"http://" and the servers' name from DEFAULT_URL_PATTERN before
forming the form-action tag in htmlformat.py.

What do you think? Does it break anything I don't see right now?
Is there a chance to get this feature as an optional function into the
official mailman code?

Any comment is appreciated.

Thanks for listening :)

cu,
 Oliver
-------------- next part --------------
--- Mailman/htmlformat.py.dist	Wed Mar  3 00:04:15 2004
+++ Mailman/htmlformat.py	Wed Mar  3 21:52:17 2004
@@ -28,6 +28,7 @@
 
 
 import types
+import re
 
 from Mailman import mm_cfg
 from Mailman import Utils
@@ -413,7 +414,7 @@
         if self.encoding:
             encoding = 'enctype="%s"' % self.encoding
         output = '\n%s<FORM action="%s" method="%s" %s>\n' % (
-            spaces, self.action, self.method, encoding)
+            spaces, re.sub('^https?://[^/]+','',self.action), self.method, encoding)
         output = output + Container.Format(self, indent+2)
         output = '%s\n%s</FORM>\n' % (output, spaces)
         return output