devised to minimize the chance that email account information could be stolen off the
Net in transit.
Here’s how it works. When this script is invoked by the password input page’s form,
it gets only one input parameter: the password typed into the form. The username is
imported from a mailconfig module installed on the server; it is not transmitted together
with the unencrypted password, because such a combination could be harmful if intercepted.
To pass the POP username and password to the next page as state information, this
script adds them to the end of the mail selection list URLs, but only after the password
has been encrypted or obfuscated by secret.encode—a function in a module that lives
on the server and may vary in every location that PyMailCGI is installed. In fact,
PyMailCGI was written to not have to know about the password encryptor at all; because
the encoder is a separate module, you can provide any flavor you like. Unless you
also publish your encoder module, the encoded password shipped with the username
won’t mean much if seen.
The upshot is that normally PyMailCGI never sends or receives both username and
password values together in a single transaction, unless the password is encrypted or
obfuscated with an encryptor of your choice. This limits its utility somewhat (since
only a single account username can be installed on the server), but the alternative of
popping up two pages—one for password entry and one for username—seems even
less friendly. In general, if you want to read your mail with the system as coded, you
have to install its files on your server, edit its mailconfig.py to reflect your account
details, and change its secret.py encoder and decoder as desired.
Reading mail with direct URLs
One exception: since any CGI script can be invoked with parameters in an explicit URL
instead of form field values, and since commonhtml tries to fetch inputs from the form
object before importing them from mailconfig, it is possible for any person to use this
script if installed at an accessible address to check his or her mail without installing and
configuring a copy of PyMailCGI of their own. For example, a URL such as the following,
typed into your browser's address field or submitted with tools such as urllib.request:
http://localhost:8000/cgi-bin/onViewPswdSubmit.py?user=lutz&pswd=guess&site=pop.earthlink.net
will actually load email into a selection list page such as that in Figure 16-8, using
whatever user, password, and mail site names are appended to the URL. From the
selection list, you may then view, reply, forward, and delete email.
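The two mechanisms just described, the obfuscated-password state carried in the selection list URLs and the form-first, mailconfig-second lookup that makes direct URLs work, are shown together in the following added example. It is not PyMailCGI's own code: the XOR-and-base64 encoder stands in for a site-specific secret.py, the mailconfig namespace stands in for mailconfig.py, and the target script name onViewListLink.py is assumed for illustration.

```python
"""Stand-in for PyMailCGI's state passing (added example, not the book's code):
obfuscate the password with a pluggable encoder, carry user/pswd/site in the
next page's URL, and read them back on the next request, taking explicit
form/URL fields before falling back to the installed mailconfig settings."""
import base64
import types
from urllib.parse import parse_qs, urlencode, urlsplit

# Stand-in for a site-specific secret.py.  Any reversible encode/decode pair
# works because the caller never looks inside the token.  XOR with a fixed key
# is obfuscation, not encryption: its only strength is that KEY and this module
# are not published.  KEY is a hypothetical value; each installation picks its own.
KEY = b"site-specific-key"


def encode(pswd: str) -> str:
    """Obfuscate a plaintext password into a URL-safe token."""
    raw = pswd.encode("utf-8")
    mixed = bytes(b ^ KEY[i % len(KEY)] for i, b in enumerate(raw))
    return base64.urlsafe_b64encode(mixed).decode("ascii")


def decode(token: str) -> str:
    """Invert encode(); XOR with the same key stream restores the plaintext."""
    mixed = base64.urlsafe_b64decode(token.encode("ascii"))
    raw = bytes(b ^ KEY[i % len(KEY)] for i, b in enumerate(mixed))
    return raw.decode("utf-8")


# Stand-in for mailconfig.py: the single account installed on this server.
mailconfig = types.SimpleNamespace(popusername="lutz",
                                   popservername="pop.earthlink.net")


def get_field(form: dict, name: str, config_value: str) -> str:
    """commonhtml-style lookup order: an explicit form or URL field wins,
    otherwise fall back to the value configured in mailconfig."""
    values = form.get(name)
    return values[0] if values else config_value


def view_pswd_submit(query_string: str) -> str:
    """Model of the onViewPswdSubmit step: the password is the only required
    input; user and site may also arrive in a direct URL.  Returns the URL a
    selection-list link would carry, with the password already obfuscated."""
    form = parse_qs(query_string)
    pswd = form["pswd"][0]
    user = get_field(form, "user", mailconfig.popusername)
    site = get_field(form, "site", mailconfig.popservername)
    state = {"user": user, "pswd": encode(pswd), "site": site}
    return "onViewListLink.py?" + urlencode(state)   # script name assumed


def next_page(url: str) -> dict:
    """Model of a later script: recover the state from its own URL and decode
    the password before it is handed to the POP client."""
    form = parse_qs(urlsplit(url).query)
    return {"user": form["user"][0],
            "pswd": decode(form["pswd"][0]),
            "site": form["site"][0]}


if __name__ == "__main__":
    # Normal flow: the form sends only the password; user and site come from mailconfig.
    url = view_pswd_submit("pswd=guess")
    print(url)
    print(next_page(url))
    # Direct-URL flow: all three fields supplied in the query string (constructed input).
    url2 = view_pswd_submit("user=alice&pswd=s3cret%26more&site=pop.example.org")
    print(next_page(url2))
```

Note that the token still travels in a query string, so it reaches server access logs, browser history and any Referer header sent from the selection list page; the scheme only protects the password as long as the encoder module stays private, which is exactly the trade-off the text describes.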
Notice that at this point in the interaction, the password you send in a URL of this form
is not encrypted, and because it travels in the query string it is also likely to be recorded
in browser history and server access logs. Later scripts expect that the password inputs
will be sent encrypted, though, which makes it more difficult to use them with explicit
URLs (you would need to match the encrypted or obfuscated form produced by the secret module on the
1258 | Chapter 16: The PyMailCGI Server