[Bug 1568547] Re: admindb POST fails due to absolute addressing

Mark Sapiro mark at msapiro.net
Sun Apr 10 13:40:11 EDT 2016 

The underlying issue is redirects lose POST data. Most mainstream
browsers when receiving a 301 or 302 in response to a POST will issue a
GET of the new URI. HTTP 1.1 defined 307 and 308  redirects to
specifically say that the browser should use the same request method for
the new URI, but if the server is issuing a 301 or 302 redirect rather
than a 307 or 308, the POST data is lost.

Your issue is not due to a Mailman change as the only change in this
area was in Mailman 2.1.12 and that change made more URLs relative, not
fewer. However, Your Mailman installation is cPanel, and this could be a
cPanel issue. See http://wiki.list.org/DOC/Mailman%20and%20CPanel , but
http://noonway.com/mailman/admindb/humor_noonway.com is definitely being
redirected to
http://just63.justhost.com/mailman/admindb/humor_noonway.com with a 301
redirect. Many other cPanel Mailman hosts don't do this redirection as
it breaks other things too.

Depending on how much access you have to the actual Mailman installation
on the server, you may be able to change things. At around line 204 in
Mailman/Cgi/admindb.py you'll see

        # Now print the results and we're done.  Short circuit for when there
        # are no pending requests, but be sure to save the results!
        admindburl = mlist.GetScriptURL('admindb', absolute=1)

if you remove the ", absolute=1" from the last of those to make it

        admindburl = mlist.GetScriptURL('admindb')

that should make the form action URL relative.

As for changing this in the upstream code, there are several places
where absolute URLs are generated in this way. I don't know the
historical reasons for this or what the unintended consequences might be
if they were changed, so I'm reluctant to do so.

It definitely appears that just63.justhost.com has made mods to the
basic cPanel Mailman, e.g. the "delegated access" on the admin(db) login
pages and the lack of a link in the footer to "Overview of all
noonway.com mailing lists" (which is another thing that wouldn't work
because of the redirect), so they ought to fix this too.

-- 
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1568547

Title:
  admindb POST fails due to absolute addressing

To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1568547/+subscriptions

More information about the Mailman-coders mailing list