mirror of
https://github.com/simple-login/app.git
synced 2024-09-20 15:05:59 +08:00
sanitize header
This commit is contained in:
parent
826e4455cf
commit
5cba2eaa38
|
@ -1,6 +1,7 @@
|
|||
import random
|
||||
import string
|
||||
import urllib.parse
|
||||
from typing import Optional
|
||||
|
||||
from unidecode import unidecode
|
||||
|
||||
|
@ -65,3 +66,9 @@ def sanitize_email(email_address: str) -> str:
|
|||
if email_address:
|
||||
return email_address.lower().strip().replace(" ", "").replace("\n", " ")
|
||||
return email_address
|
||||
|
||||
|
||||
def sanitize_header(header: Optional[str]) -> Optional[str]:
|
||||
if header:
|
||||
return header.strip().replace("\n", " ")
|
||||
return header
|
||||
|
|
|
@ -118,7 +118,7 @@ from app.models import (
|
|||
TransactionalEmail,
|
||||
)
|
||||
from app.pgp_utils import PGPException, sign_data_with_pgpy, sign_data
|
||||
from app.utils import sanitize_email
|
||||
from app.utils import sanitize_email, sanitize_header
|
||||
from init_app import load_pgp_public_keys
|
||||
from server import create_app, create_light_app
|
||||
|
||||
|
@ -1516,6 +1516,13 @@ def handle(envelope: Envelope) -> str:
|
|||
envelope.rcpt_tos = rcpt_tos
|
||||
|
||||
msg = email.message_from_bytes(envelope.original_content)
|
||||
|
||||
# sanitize email headers
|
||||
msg["from"] = sanitize_header(msg["from"])
|
||||
msg["to"] = sanitize_header(msg["to"])
|
||||
msg["cc"] = sanitize_header(msg["cc"])
|
||||
msg["reply-to"] = sanitize_header(msg["reply-to"])
|
||||
|
||||
LOG.d(
|
||||
"==>> Handle mail_from:%s, rcpt_tos:%s, header_from:%s, header_to:%s, "
|
||||
"cc:%s, reply-to:%s, mail_options:%s, rcpt_options:%s",
|
||||
|
|
Loading…
Reference in a new issue