-
-
Notifications
You must be signed in to change notification settings - Fork 375
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unicode strings in HTTP headers when using metadata_exporter [BUG] #4808
Comments
Hi, i have the same issue and it is not fixed: |
I am not able to reproduce. |
I've just downgraded to previous installed version (rspamd_3.7.5-2 |
I'm sorry but I don't see how that is intended to support your claim. The issue with unicode encoding has been there since the start of this plugin (so before v3 at all). |
Rspamd 3.8.4: encoding of metadata is bad |
The first screenshot: good encodind, the second screenshot: bad encoding |
A file with good metadada:
Encodind of "HTTP_X_RSPAMD_SUBJECT" is good |
A file with bad metadata:
Encodind of "HTTP_X_RSPAMD_SUBJECT" is bad |
So all was OK with version 3.7.5, i have upgraded to 3.8.4 this week and the problem appears: encoding of "HTTP_X_RSPAMD_SUBJECT" is bad. I've downgraded to 3.8.2 and the problem is also here. |
Personnal comment: before Rspamd, i've worked with SpamAssassin and Sophos PureMessage. |
Prerequisites
Describe the bug
When using the metadata_exporter module with meta_headers enabled, UTF-8 strings from the mail data (e.g. subject) are sent directly as HTTP header values.
HTTP headers, including their values, are required to be pure ASCII.
This behaviour leads to encoding errors when receiving POST requests from rspamd with common HTTP server implementations. (Tested: ExpressJS)
Steps to Reproduce
Expected behavior
rspamd should send UTF-8 header values encoded according to RFC 2047.
I suggest either requiring all modules using rspamd_http to encode header fields before passing them, or to modify rspamd_http to encode UTF-8 headers correctly before sending.
Versions
Tested on rspamd 3.4 (Debian 12.2 package, kernel 6.1.0-13-amd64).
[Looking at the code in master, I don't expect the behaviour to be different in the current version]
The text was updated successfully, but these errors were encountered: