New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
isValidHost: don't try to validate hostnames #2684
Comments
You are ignoring the context in which this is used. It is not intended to be exhaustive, and it even says so in the code. That specific check is used prior to several more detailed but more expensive checks. If a name fails that check then we can be pretty sure it's going to fail the more detailed ones, and we've saved ourselves the bother. Can you provide an example of a valid hostname that fails this check but passes the others? |
I'm not ignoring the context in which it is used. Quite the opposite: the validation is ignoring possible contexts in which the user of the library (or maintainer of the application for which the library is included) is used. If it is not intended to be exhaustive, then it should not be a fatal error for the check to not pass. In other words, as I have stated: don't validate (except for potential security exploits and exception-causing empty or null values). The OS will validate the hostname or the upstream mail service will validate. |
How do you propose to resolve the conflict that (for example) dotless addresses that are valid locally are invalid elsewhere, but there is no way to tell which context you are in? Do you have a constructive suggestion? Or a PR? |
I made a PR.
How do you propose to resolve the conflict that (for example) dotless
addresses that are valid locally are invalid elsewhere, but there is no way
to tell which context you are in?
Why is this your "job" to do that? LOL. You're providing an interface to
mail, not reinventing the wheel or being an MTA.
…On Mon, Jun 6, 2022 at 10:45 PM Marcus Bointon ***@***.***> wrote:
How do you propose to resolve the conflict that (for example) dotless
addresses that are valid locally are invalid elsewhere, but there is no way
to tell which context you are in?
Do you have a constructive suggestion? Or a PR?
—
Reply to this email directly, view it on GitHub
<#2684 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABU3OYTSV5XAXIBM5VKQHZLVNZPPVANCNFSM5WCNK6ZA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
--
Otheus
***@***.***
***@***.***
|
PHPMailer/src/PHPMailer.php
Line 4093 in bf99c20
The text was updated successfully, but these errors were encountered: