Opened 7 years ago
Last modified 5 years ago
#28726 closed Cleanup/optimization
Brackets illegal in DEFAULT_FROM_EMAIL name part — at Version 1
| Reported by: | Ciaran Courtney | Owned by: | nobody |
|---|---|---|---|
| Component: | Core (Mail) | Version: | 3.0 |
| Severity: | Normal | Keywords: | email DEFAULT_FROM_EMAIL |
| Cc: | Adam Johnson | Triage Stage: | Accepted |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description (last modified by )
Using DEFAULT_FROM_EMAIL = '[test] Bob <noreply@example.com>' will fail in django.core.mail.message.sanitize_address() at parseaddr(addr)
Possibly other characters are illegal. The docs don't mention the use of DEFAULT_FROM_EMAIL in this way, perhaps documentation can cover it.
Change History (1)
comment:1 by , 7 years ago
| Description: | modified (diff) |
|---|---|
| Triage Stage: | Unreviewed → Accepted |
Note:
See TracTickets
for help on using tickets.
If
from_emailis not provided,EmailMessageorEmailMultiAlternativeswill useDEFAULT_FROM_EMAIL. If DEFAULT_FROM_EMAIL is not a tuplesanitize_addresswill pass DEFAULT_FROM_EMAIL to the functionparseaddrfrom theemailmodule in the standard library.parseaddrwill then try to parse RFC 2822 addresses.Space and "(),:;<>@[\] characters are allowed with restrictions (https://stackoverflow.com/a/2049510/4819353). If you pass a suqare bracket
[toparseaddrit will return someting like this:[('', ''), ('', 'test'), ('', ''), ('Bob', 'noreply@example.com')]. Sincesanitize_addresswill use only the first element from the returned list, you will get an error.I suggest that the documentation mentions some of this.