Ticket #409 (fixed bug)
The $to and $from addresses need sanitized/decoded for SMTP
- Created: 2011-04-18 10:24:49
- Reported by: Reines
- Assigned to: Reines
- Milestone: 2.0-alpha2
- Component: email
- Priority: high
The $to and $from addresses aren't currently properly sanitized or decoded within the SMTP part of fluxbb-mailer.
They may be in the form "Name <email@example.com>" - if they are, we need to extract just the email address.
They may be malicious and contain new lines to attempt header injection.
Certain characters (i.e. <>) might need escaped somehow? (not sure on this one... check)
They may be UTF8 encoded - obviously it will need reversed before we can attempt to extract the email.