X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FUnsubscribe.pm;h=46d5d8d7ea286844eb8f353650fc9ba1067d324a;hb=79bf257cbc4e188992f540d6b4ae1bd5cbcf26ee;hp=1f5ce315a81651e6fa83a68c7b7d4b8de985ad5c;hpb=1f29b33d3f71b8a40f5ae76bf20b95618b518654;p=public-inbox.git

diff --git a/lib/PublicInbox/Unsubscribe.pm b/lib/PublicInbox/Unsubscribe.pm
index 1f5ce315..46d5d8d7 100644
--- a/lib/PublicInbox/Unsubscribe.pm
+++ b/lib/PublicInbox/Unsubscribe.pm
@@ -12,7 +12,7 @@ use warnings;
 use Crypt::CBC;
 use Plack::Util;
 use MIME::Base64 qw(decode_base64url);
-my $CODE_URL = 'git://80x24.org/public-inbox.git';
+my $CODE_URL = 'https://public-inbox.org/public-inbox.git';
 my @CT_HTML = ('Content-Type', 'text/html; charset=UTF-8');
 
 sub new {
@@ -77,16 +77,17 @@ sub _user_list_addr {
 			'Missing mailing list name in path component');
 	}
 	my $user = eval { $self->{cipher}->decrypt(decode_base64url($u)) };
-	if (!defined $user) {
+	if (!defined $user || index($user, '@') < 1) {
 		my $err = quotemeta($@);
 		my $errors = $env->{'psgi.errors'};
 		$errors->print("error decrypting: $u\n");
 		$errors->print("$_\n") for split("\n", $err);
+		$u = Plack::Util::encode_html($u);
 		return r($self, 400, 'Bad request', "Failed to decrypt: $u");
 	}
 
 	# The URLs are too damn long if we have the encrypted domain
-	# name in the query string
+	# name in the PATH_INFO
 	if (index($list, '@') < 0) {
 		my $host = (split(':', $env->{HTTP_HOST}))[0];
 		$list .= '@'.$host;
@@ -157,7 +158,7 @@ sub archive_info {
 	}
 
 	# protocol-relative URL:  "//example.com/" => "https://example.com/"
-	if ($archive_url =~ m!\A//!) {
+	if ($archive_url && $archive_url =~ m!\A//!) {
 		$archive_url = "$env->{'psgi.url_scheme'}:$archive_url";
 	}