Django

Code

Changeset 1798

Show
Ignore:
Timestamp:
12/29/05 16:12:54 (3 years ago)
Author:
adrian
Message:

Fixed #1139 -- Changed django.core.mail to raise BadHeaderError? (a subclass of ValueError?) and changed docs/email.txt example to use that

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • django/trunk/django/core/mail.py

    r1795 r1798  
    55import smtplib 
    66 
     7class BadHeaderError(ValueError): 
     8    pass 
     9 
    710class SafeMIMEText(MIMEText): 
    811    def __setitem__(self, name, val): 
    912        "Forbids multi-line headers, to prevent header injection." 
    1013        if '\n' in val or '\r' in val: 
    11             raise ValueError, "Header values can't contain newlines (got %r for header %r)" % (val, name) 
     14            raise BadHeaderError, "Header values can't contain newlines (got %r for header %r)" % (val, name) 
    1215        MIMEText.__setitem__(self, name, val) 
    1316 

  • django/trunk/docs/email.txt

    r1795 r1798  
    128128by forbidding newlines in header values. If any ``subject``, ``from_email`` or 
    129129``recipient_list`` contains a newline, the e-mail function (e.g. 
    130 ``send_mail()``) will raise ``ValueError`` and, hence, will not send the 
    131 e-mail. It's your responsibility to validate all data before passing it to the 
    132 e-mail functions. 
     130``send_mail()``) will raise ``django.core.mail.BadHeaderError`` (a subclass of 
     131``ValueError``) and, hence, will not send the e-mail. It's your responsibility 
     132to validate all data before passing it to the e-mail functions. 
    133133 
    134134Here's an example view that takes a ``subject``, ``message`` and ``from_email`` 
     
    136136"/contact/thanks/" when it's done:: 
    137137 
    138     from django.core.mail import send_mail 
     138    from django.core.mail import send_mail, BadHeaderError 
    139139 
    140140    def send_email(request): 
     
    142142        message = request.POST.get('message', '') 
    143143        from_email = request.POST.get('from_email', '') 
    144         if subject and message and from_email \ 
    145                 and '\n' not in subject and '\n' not in message 
    146                 and '\n' not in from_email: 
    147             send_mail(subject, message, from_email, ['admin@example.com']) 
     144        if subject and message and from_email: 
     145            try: 
     146                send_mail(subject, message, from_email, ['admin@example.com']) 
     147            except BadHeaderError: 
     148                return HttpResponse('Invalid header found.') 
    148149            return HttpResponseRedirect('/contact/thanks/') 
    149150        else: