Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Don't allow colons in header names. Closes #377

  • Loading branch information...
commit 2bf27fb0cdc54ed30305d7ebe32c7b51fc2002fb 1 parent 6475840
@jeremy jeremy authored
Showing with 15 additions and 0 deletions.
  1. +1 −0  CHANGELOG.rdoc
  2. +3 −0  lib/mail/header.rb
  3. +11 −0 spec/mail/header_spec.rb
View
1  CHANGELOG.rdoc
@@ -1,6 +1,7 @@
== HEAD
Features:
+* Don't allow colons in header names (jeremy)
* Can assign arrays of Message-IDs to References and In-Reply-To (jeremy)
* Setting the html_ or text_part sets a default text/html or text/plain content type (jeremy)
* Setting the html_ or text_part to nil removes it (jeremy)
View
3  lib/mail/header.rb
@@ -154,6 +154,9 @@ def [](name)
# h['X-Mail-SPAM'] # => nil
def []=(name, value)
name = dasherize(name)
+ if name.include?(':')
+ raise ArgumentError, "Header names may not contain a colon: #{name.inspect}"
+ end
fn = name.downcase
selected = select_field_for(fn)
View
11 spec/mail/header_spec.rb
@@ -235,6 +235,10 @@
header.encoded.should match(/^User-Agent: /)
header.encoded.should_not match(/^user-agent: /)
end
+
+ it "should not accept field names containing colons" do
+ doing { Mail::Header.new['a:b'] = 'c' }.should raise_error
+ end
end
@@ -261,6 +265,13 @@
doing { Mail::Header.new("#{test_name}: This is a crazy name") }.should_not raise_error
end
+ it "should not try to accept colons in header field names" do
+ header = Mail::Header.new("Colon:in:header: oops")
+ header.fields.size.should eq 1
+ header.fields.first.name.should eq 'Colon'
+ header['Colon'].value.should eq 'in:header: oops'
+ end
+
# A field body may be composed of any US-ASCII characters,
# except for CR and LF. However, a field body may contain CRLF when
# used in header "folding" and "unfolding" as described in section
Please sign in to comment.
Something went wrong with that request. Please try again.