mirror of
https://github.com/simple-login/app.git
synced 2024-09-20 15:05:59 +08:00
sanitize header
This commit is contained in:
parent
826e4455cf
commit
5cba2eaa38
|
@ -1,6 +1,7 @@
|
||||||
import random
|
import random
|
||||||
import string
|
import string
|
||||||
import urllib.parse
|
import urllib.parse
|
||||||
|
from typing import Optional
|
||||||
|
|
||||||
from unidecode import unidecode
|
from unidecode import unidecode
|
||||||
|
|
||||||
|
@ -65,3 +66,9 @@ def sanitize_email(email_address: str) -> str:
|
||||||
if email_address:
|
if email_address:
|
||||||
return email_address.lower().strip().replace(" ", "").replace("\n", " ")
|
return email_address.lower().strip().replace(" ", "").replace("\n", " ")
|
||||||
return email_address
|
return email_address
|
||||||
|
|
||||||
|
|
||||||
|
def sanitize_header(header: Optional[str]) -> Optional[str]:
|
||||||
|
if header:
|
||||||
|
return header.strip().replace("\n", " ")
|
||||||
|
return header
|
||||||
|
|
|
@ -118,7 +118,7 @@ from app.models import (
|
||||||
TransactionalEmail,
|
TransactionalEmail,
|
||||||
)
|
)
|
||||||
from app.pgp_utils import PGPException, sign_data_with_pgpy, sign_data
|
from app.pgp_utils import PGPException, sign_data_with_pgpy, sign_data
|
||||||
from app.utils import sanitize_email
|
from app.utils import sanitize_email, sanitize_header
|
||||||
from init_app import load_pgp_public_keys
|
from init_app import load_pgp_public_keys
|
||||||
from server import create_app, create_light_app
|
from server import create_app, create_light_app
|
||||||
|
|
||||||
|
@ -1516,6 +1516,13 @@ def handle(envelope: Envelope) -> str:
|
||||||
envelope.rcpt_tos = rcpt_tos
|
envelope.rcpt_tos = rcpt_tos
|
||||||
|
|
||||||
msg = email.message_from_bytes(envelope.original_content)
|
msg = email.message_from_bytes(envelope.original_content)
|
||||||
|
|
||||||
|
# sanitize email headers
|
||||||
|
msg["from"] = sanitize_header(msg["from"])
|
||||||
|
msg["to"] = sanitize_header(msg["to"])
|
||||||
|
msg["cc"] = sanitize_header(msg["cc"])
|
||||||
|
msg["reply-to"] = sanitize_header(msg["reply-to"])
|
||||||
|
|
||||||
LOG.d(
|
LOG.d(
|
||||||
"==>> Handle mail_from:%s, rcpt_tos:%s, header_from:%s, header_to:%s, "
|
"==>> Handle mail_from:%s, rcpt_tos:%s, header_from:%s, header_to:%s, "
|
||||||
"cc:%s, reply-to:%s, mail_options:%s, rcpt_options:%s",
|
"cc:%s, reply-to:%s, mail_options:%s, rcpt_options:%s",
|
||||||
|
|
Loading…
Reference in a new issue