sanitize_email 1.0.7 → 1.0.8

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+Version 1.0.8 - AUG.30.2013
+* \[Bug Fix\] Fixes #12 - Streange repeating headers by Peter Boling
+* Lots of refactoring by Peter Boling
+  * Properly supports when a to/cc field has multiple recipients sanitized and adds all to mail headers
+* Improved specs by Peter Boling
+
 Version 1.0.7 - AUG.06.2012
 
 * \[Bug Fix\] Stripping the message headers before appending new headers.

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    sanitize_email (1.0.6)
+    sanitize_email (1.0.7)
 
 GEM
   remote: http://rubygems.org/

data/README.md

@@ -146,7 +146,7 @@ dependency on this gem using the [Pessimistic Version Constraint][pvc] with two
 
 For example:
 
-    spec.add_dependency 'sanitize_email', '~> 4.0'
+    spec.add_dependency 'sanitize_email', '~> 1.0.8'
 
 [semver]: http://semver.org/
 [pvc]: http://docs.rubygems.org/read/chapter/16#page74

data/REEK

@@ -1,16 +1,4 @@
-lib/sanitize_email.rb -- 1 warning:
-  SanitizeEmail#self.sanitary calls SanitizeEmail::Config.config twice (DuplicateMethodCall)
-lib/sanitize_email/bleach.rb -- 14 warnings:
-  SanitizeEmail::Bleach has no descriptive comment (IrresponsibleModule)
-  SanitizeEmail::Bleach#activate? calls SanitizeEmail.activation_proc twice (DuplicateMethodCall)
-  SanitizeEmail::Bleach#activate? doesn't depend on instance state (UtilityFunction)
-  SanitizeEmail::Bleach#delivering_email calls message.to twice (DuplicateMethodCall)
-  SanitizeEmail::Bleach#inject_user_names contains iterators nested 2 deep (NestedIterators)
-  SanitizeEmail::Bleach#inject_user_names doesn't depend on instance state (UtilityFunction)
-  SanitizeEmail::Bleach#inject_user_names refers to real_recipient more than self (FeatureEnvy)
-  SanitizeEmail::Bleach#override_email has approx 10 statements (TooManyStatements)
-  SanitizeEmail::Bleach#subject_override doesn't depend on instance state (UtilityFunction)
-  SanitizeEmail::Bleach#subject_override refers to actual_addresses more than self (FeatureEnvy)
+lib/sanitize_email/bleach.rb -- 2 warnings:
   SanitizeEmail::Bleach::MissingTo has no descriptive comment (IrresponsibleModule)
   SanitizeEmail::Bleach::UnknownOverride has no descriptive comment (IrresponsibleModule)
 lib/sanitize_email/config.rb -- 4 warnings:
@@ -18,12 +6,25 @@ lib/sanitize_email/config.rb -- 4 warnings:
   SanitizeEmail::Config#self.configure calls @config[:force_sanitize] twice (DuplicateMethodCall)
   SanitizeEmail::Config#self.configure calls @config[:sanitized_recipients] twice (DuplicateMethodCall)
   SanitizeEmail::Config#self.configure has approx 7 statements (TooManyStatements)
-lib/sanitize_email/deprecation.rb -- 3 warnings:
-  SanitizeEmail::Deprecation declares the class variable @@deprecate_in_silence (ClassVariable)
+lib/sanitize_email/deprecation.rb -- 2 warnings:
   SanitizeEmail::Deprecation takes parameters [name, replacement] to 3 methods (DataClump)
   SanitizeEmail::Deprecation#deprecation is controlled by argument replacement (ControlParameter)
 lib/sanitize_email/engine.rb -- 1 warning:
   SanitizeEmail::Engine has no descriptive comment (IrresponsibleModule)
+lib/sanitize_email/mail_header_tools.rb -- 7 warnings:
+  SanitizeEmail::MailHeaderTools#self.add_original_addresses_as_headers has the variable name 'k' (UncommunicativeVariableName)
+  SanitizeEmail::MailHeaderTools#self.add_original_addresses_as_headers has the variable name 'v' (UncommunicativeVariableName)
+  SanitizeEmail::MailHeaderTools#self.prepend_environment_to_subject calls Rails.env twice (DuplicateMethodCall)
+  SanitizeEmail::MailHeaderTools#self.update_header has the parameter name 'k' (UncommunicativeParameterName)
+  SanitizeEmail::MailHeaderTools#self.update_header has the parameter name 'v' (UncommunicativeParameterName)
+  SanitizeEmail::MailHeaderTools#self.update_header has the variable name 'a' (UncommunicativeVariableName)
+  SanitizeEmail::MailHeaderTools#self.update_header is controlled by argument v (ControlParameter)
+lib/sanitize_email/overridden_addresses.rb -- 5 warnings:
+  SanitizeEmail::OverriddenAddresses has no descriptive comment (IrresponsibleModule)
+  SanitizeEmail::OverriddenAddresses#inject_user_names contains iterators nested 2 deep (NestedIterators)
+  SanitizeEmail::OverriddenAddresses#inject_user_names doesn't depend on instance state (UtilityFunction)
+  SanitizeEmail::OverriddenAddresses#inject_user_names refers to real_recipient more than self (FeatureEnvy)
+  SanitizeEmail::OverriddenAddresses#override_email has approx 10 statements (TooManyStatements)
 lib/sanitize_email/railtie.rb -- 1 warning:
   SanitizeEmail::Railtie has no descriptive comment (IrresponsibleModule)
 lib/sanitize_email/rspec_matchers.rb -- 2 warnings:

data/lib/sanitize_email.rb

@@ -5,6 +5,8 @@ module SanitizeEmail
   require 'sanitize_email/version'
   require 'sanitize_email/deprecation'
   require 'sanitize_email/config'
+  require 'sanitize_email/mail_header_tools'
+  require 'sanitize_email/overridden_addresses'
   require 'sanitize_email/bleach'
 
   class MissingBlockParameter < StandardError; end
@@ -44,6 +46,11 @@ module SanitizeEmail
     SanitizeEmail[:local_environments]
   end
 
+  def self.activate?(message)
+    proc = SanitizeEmail.activation_proc
+    proc.call(message) if proc.respond_to?(:call)
+  end
+
   class << self
     attr_accessor :force_sanitize
   end

data/lib/sanitize_email/bleach.rb

@@ -2,69 +2,32 @@
 #Released under the MIT license
 
 module SanitizeEmail
+  # SanitizeEmail::Bleach determines whether to sanitize the headers of an email, and does so when appropriate.
   class Bleach
 
-    class MissingTo < StandardError;
-    end
-    class UnknownOverride < StandardError;
-    end
-
     # Can override global configs at the instance level.
     attr_accessor :engage, # Turn sanitization on or off just for this instance
-                  :sanitized_to, :sanitized_cc, :sanitized_bcc, # Replace non-white-listed addresses with these sanitized addresses.
-                  :good_list, # White-listed addresses will not be molested as to, cc, or bcc
-                  :bad_list, # Black-listed addresses will be removed from to, cc and bcc when sanitization is engaged
-                  :injected # Track whether or not the subject has been injected with usernames
+                  :overridden_addresses
 
     def initialize(args = {})
       # Not using extract_options! because non-rails compatibility is a goal
-      @sanitized_to = args[:sanitized_to] || SanitizeEmail[:sanitized_to]
-      @sanitized_cc = args[:sanitized_cc] || SanitizeEmail[:sanitized_cc]
-      @sanitized_bcc = args[:sanitized_bcc] || SanitizeEmail[:sanitized_bcc]
-      @good_list = args[:good_list] || SanitizeEmail[:good_list] || []
-      @bad_list = args[:bad_list] || SanitizeEmail[:bad_list] || []
       @engage = args[:engage] || SanitizeEmail[:engage]
-      @injected = false
     end
 
     # If all recipient addresses are white-listed the field is left alone.
     def delivering_email(message)
       if self.sanitize_engaged?(message)
-        # Cache the correct addresses. These will get overwritten when the
-        cache_to = self.to_override(message.to)
-        cache_cc = self.cc_override(message.cc)
-        cache_bcc = self.bcc_override(message.bcc)
+        SanitizeEmail::MailHeaderTools.add_original_addresses_as_headers(message)
+        SanitizeEmail::MailHeaderTools.prepend_custom_subject(message)
 
-        add_original_addresses_as_headers(message)
+        o = SanitizeEmail::OverriddenAddresses.new(message)
 
-        message.subject = self.prepend_email_to_subject(message.subject, message.to) if SanitizeEmail.use_actual_email_prepended_to_subject
-        message.subject = self.prepend_environment_to_subject(message.subject) if SanitizeEmail.use_actual_environment_prepended_to_subject
-
-        message.to = cache_to
-        message.cc = cache_cc
-        message.bcc = cache_bcc
+        message.to = o.overridden_to
+        message.cc = o.overridden_cc
+        message.bcc = o.overridden_bcc
       end
     end
 
-    def add_original_addresses_as_headers(message)
-        ## Add headers by string concat. Setting hash values on message.headers does nothing, strangely. http://goo.gl/v46GY
-        {
-            'X-Sanitize-Email-To' => message.to,
-            'X-Sanitize-Email-Cc' => message.cc
-            # Don't write out the BCC, as those addresses should not be visible in message headers for obvious reasons
-        }.each { |k, v|
-          # For each type of address line
-          v.each { |a|
-            # For each address
-            message.header = message.header.to_s.strip + "\n#{k}: #{a}"
-          } if v
-        }
-    end
-
-    def activate?(message)
-      SanitizeEmail.activation_proc.call(message) if SanitizeEmail.activation_proc.respond_to?(:call)
-    end
-
     # This method will be called by the Hook to determine if an override should occur
     # There are three ways SanitizeEmail can be turned on; in order of precedence they are:
     #
@@ -86,127 +49,8 @@ module SanitizeEmail
       return engaged unless engaged.nil?
 
       # Should we sanitize due to the activation_proc?
-      return self.activate?(message)
-
-    end
-
-    def prepend_email_to_subject(real_subject, actual_addresses)
-      if !actual_addresses.respond_to?(:join)
-        real_subject
-      else
-        "(#{actual_addresses.join(',').gsub(/@/, ' at ').gsub(/[<>]/, '~')}) #{real_subject}"
-      end
-    end
-
-    def prepend_environment_to_subject(real_subject)
-      if defined?(Rails) && Rails.env.present?
-        "[#{Rails.env}] #{real_subject}"
-      end
-    end
-
-    def to_override(actual_addresses)
-      to = override_email(:to, actual_addresses)
-      raise MissingTo, 'after overriding :to there are no addresses to send in To: header.' if to.empty?
-      to.join(',')
-    end
-
-    def cc_override(actual_addresses)
-      override_email(:cc, actual_addresses).join(',')
-    end
-
-    def bcc_override(actual_addresses)
-      override_email(:bcc, actual_addresses).join(',')
-    end
-
-    #######
-    protected
-    #######
-
-    def address_list_filter(list_type, address)
-      # TODO: How does this handle email addresses with user names like "Foo Example <foo@example.org>"
-      has_address = self.send(list_type).include?(address)
-      case list_type
-        when :good_list then
-          has_address ? address : nil
-        when :bad_list then
-          has_address ? nil : address
-      end
-    end
-
-    def inject_user_names(real_addresses, sanitized_addresses)
-      real_addresses.inject([]) do |result, real_recipient|
-        if real_recipient.nil?
-          new_recipient = sanitized_addresses
-        else
-          new_recipient = sanitized_addresses.map { |sanitized| "#{real_recipient.gsub(/@/, ' at ').gsub(/[<>]/, '~')} <#{sanitized}>" }
-        end
-        result << new_recipient
-        result
-      end.flatten
-    end
-
-    def clean_addresses(addresses, list_type)
-      # Normalize addresses just in case it isn't an array yet
-      addresses.map { |address|
-        # If this address is on the good list then let it pass
-        self.address_list_filter(list_type, address)
-      }.compact
-    end
-
-    def sanitize_addresses(type)
-      case type
-        when :to then
-          Array(self.sanitized_to)
-        when :cc then
-          Array(self.sanitized_cc)
-        when :bcc then
-          Array(self.sanitized_bcc)
-        else
-          raise UnknownOverride, "unknown email override"
-      end
-    end
-
-    # Allow good listed email addresses, and then remove the bad listed addresses
-    def good_listize(real_addresses)
-      good_listed = self.clean_addresses(real_addresses, :good_list)
-      good_listed = self.clean_addresses(good_listed, :bad_list) unless good_listed.empty?
-      good_listed
-    end
-
-    def override_email(type, actual_addresses)
-      # Normalized to an arrays
-      #puts "override_email 1: #{type} - #{actual_addresses}"
-      real_addresses = Array(actual_addresses)
-
-#puts "override_email 2: #{type} - #{real_addresses}"
-# If there were no original recipients, then we DO NOT override the nil with the sanitized recipients
-      return [] if real_addresses.empty?
-
-      good_listed = good_listize(real_addresses)
-#puts "override_email 3: #{type} - #{good_listed}"
-# If there are good_list addresses to send to then use them as is, no mods needed
-      return good_listed unless good_listed.empty?
-
-      # TODO: Allow overriding if an addressed email is on the good list?
-      # If there are no sanitized addresses we can't override!
-      sanitized_addresses = sanitize_addresses(type)
-      #puts "override_email 3: #{type} - #{sanitized_addresses}"
-      return [] if sanitized_addresses.empty?
-
-      # At this point it is assured that the address list will need to be sanitized
-      # One more check to ensure none of the configured sanitized email addresses are on the bad_list
-      sanitized_addresses = self.clean_addresses(sanitized_addresses, :bad_list)
-      #puts "override_email 4: #{type} - #{sanitized_addresses}"
-
-      # If we don't want to inject the 'email' in the 'user name' section of the sanitized recipients,
-      # then just return the default sanitized recipients
-      return sanitized_addresses unless SanitizeEmail.use_actual_email_as_sanitized_user_name
+      return SanitizeEmail.activate?(message)
 
-      with_user_names = self.inject_user_names(real_addresses, sanitized_addresses)
-      #puts "real_addresses 2: #{real_addresses}"
-      #puts "override_email 5: #{type} - #{with_user_names}"
-      # Otherwise inject the email as the 'user name'
-      return with_user_names
     end
 
   end # end Class Bleach

data/lib/sanitize_email/mail_header_tools.rb

@@ -0,0 +1,52 @@
+module SanitizeEmail
+  module MailHeaderTools
+
+    def self.prepend_subject_array(message)
+      prepend = []
+      prepend << SanitizeEmail::MailHeaderTools.prepend_email_to_subject(message.to) if SanitizeEmail.use_actual_email_prepended_to_subject
+      prepend << SanitizeEmail::MailHeaderTools.prepend_environment_to_subject if SanitizeEmail.use_actual_environment_prepended_to_subject
+      prepend
+    end
+
+    def self.prepend_environment_to_subject
+      "[#{Rails.env}]" if defined?(Rails) && Rails.env.present?
+    end
+
+    def self.prepend_email_to_subject(actual_addresses)
+      "(#{actual_addresses.join(',').gsub(/@/, ' at ').gsub(/[<>]/, '~')})" if actual_addresses.respond_to?(:join)
+    end
+
+    def self.add_original_addresses_as_headers(message)
+      ## Add headers by string concat. Setting hash values on message.headers does nothing, strangely. http://goo.gl/v46GY
+      {
+        'X-Sanitize-Email-To' => message.to, # can be an array
+        'X-Sanitize-Email-Cc' => message.cc  # can be an array
+        # Don't write out the BCC, as those addresses should not be visible in message headers for obvious reasons
+      }.each { |k, v|
+        # For each type of address line
+        SanitizeEmail::MailHeaderTools.update_header(k, v, message)
+      }
+    end
+
+    def self.prepend_custom_subject(message)
+      message.subject.insert(0, SanitizeEmail::MailHeaderTools.prepend_subject_array(message).join(' ') + ' ')
+    end
+
+    # Add headers by string concat. Setting hash values on message.headers does nothing, strangely. http://goo.gl/v46GY
+    def self.update_header(k, v, message)
+      # For each address, as v can be an array of addresses
+      Array(v).each_with_index { |a, index|
+        num = index + 1
+        header_key = num > 1 ?
+          "#{k}-#{index+1}" :
+          k
+        #puts "for #{num}: #{header_key}"
+        message.header[header_key] = a.to_s
+        # Old way
+        #message.header = message.header.to_s.strip + "\n#{k}: #{a}"
+      } if v
+      #puts "\nafter message.header:\n #{message.header}\n"
+    end
+
+  end
+end

data/lib/sanitize_email/overridden_addresses.rb

@@ -0,0 +1,129 @@
+module SanitizeEmail
+  class OverriddenAddresses
+
+    class MissingTo < StandardError;
+    end
+    class UnknownOverride < StandardError;
+    end
+
+    attr_accessor :overridden_to, :overridden_cc, :overridden_bcc,
+                  :good_list, # White-listed addresses will not be molested as to, cc, or bcc
+                  :bad_list, # Black-listed addresses will be removed from to, cc and bcc when sanitization is engaged
+                  :sanitized_to, :sanitized_cc, :sanitized_bcc # Replace non-white-listed addresses with these sanitized addresses.
+
+    def initialize(message, args = {})
+      # Not using extract_options! because non-rails compatibility is a goal
+      @sanitized_to = args[:sanitized_to] || SanitizeEmail[:sanitized_to]
+      @sanitized_cc = args[:sanitized_cc] || SanitizeEmail[:sanitized_cc]
+      @sanitized_bcc = args[:sanitized_bcc] || SanitizeEmail[:sanitized_bcc]
+      @good_list = args[:good_list] || SanitizeEmail[:good_list] || []
+      @bad_list = args[:bad_list] || SanitizeEmail[:bad_list] || []
+      @overridden_to = self.to_override(message.to)
+      @overridden_cc = self.cc_override(message.cc)
+      @overridden_bcc = self.bcc_override(message.bcc)
+    end
+
+    # Allow good listed email addresses, and then remove the bad listed addresses
+    def good_listize(real_addresses)
+      good_listed = self.clean_addresses(real_addresses, :good_list)
+      good_listed = self.clean_addresses(good_listed, :bad_list) unless good_listed.empty?
+      good_listed
+    end
+
+    def to_override(actual_addresses)
+      to = override_email(:to, actual_addresses)
+      raise MissingTo, "after overriding :to (#{actual_addresses}) there are no addresses to send in To: header." if to.empty?
+      to.join(',')
+    end
+
+    def cc_override(actual_addresses)
+      override_email(:cc, actual_addresses).join(',')
+    end
+
+    def bcc_override(actual_addresses)
+      override_email(:bcc, actual_addresses).join(',')
+    end
+
+    def override_email(type, actual_addresses)
+      # Normalized to an arrays
+      #puts "override_email 1: #{type} - #{actual_addresses}"
+      real_addresses = Array(actual_addresses)
+
+      #puts "override_email 2: #{type} - #{real_addresses}"
+      # If there were no original recipients, then we DO NOT override the nil with the sanitized recipients
+      return [] if real_addresses.empty?
+
+      good_listed = good_listize(real_addresses)
+      #puts "override_email 3: #{type} - #{good_listed}"
+      # If there are good_list addresses to send to then use them as is, no mods needed
+      return good_listed unless good_listed.empty?
+
+      # TODO: Allow overriding if an addressed email is on the good list?
+      # If there are no sanitized addresses we can't override!
+      sanitized_addresses = sanitize_addresses(type)
+      #puts "override_email 4: #{type} - #{sanitized_addresses}"
+      return [] if sanitized_addresses.empty?
+
+      # At this point it is assured that the address list will need to be sanitized
+      # One more check to ensure none of the configured sanitized email addresses are on the bad_list
+      sanitized_addresses = self.clean_addresses(sanitized_addresses, :bad_list)
+      #puts "override_email 5: #{type} - #{sanitized_addresses}"
+
+      # If we don't want to inject the 'email' in the 'user name' section of the sanitized recipients,
+      # then just return the default sanitized recipients
+      return sanitized_addresses unless SanitizeEmail.use_actual_email_as_sanitized_user_name
+
+      with_user_names = self.inject_user_names(real_addresses, sanitized_addresses)
+      #puts "real_addresses 2: #{real_addresses}"
+      #puts "override_email 6: #{type} - #{with_user_names}"
+      # Otherwise inject the email as the 'user name'
+      return with_user_names
+    end
+
+    def address_list_filter(list_type, address)
+      # TODO: How does this handle email addresses with user names like "Foo Example <foo@example.org>"
+      has_address = self.send(list_type).include?(address)
+      case list_type
+        when :good_list then
+          has_address ? address : nil
+        when :bad_list then
+          has_address ? nil : address
+      end
+    end
+
+    def inject_user_names(real_addresses, sanitized_addresses)
+      real_addresses.inject([]) do |result, real_recipient|
+        if real_recipient.nil?
+          new_recipient = sanitized_addresses
+        else
+          #puts "SANITIZED: #{sanitized_addresses}"
+          new_recipient = sanitized_addresses.map { |sanitized| "#{real_recipient.gsub(/@/, ' at ').gsub(/[<>]/, '~')} <#{sanitized}>" }
+        end
+        result << new_recipient
+        result
+      end.flatten
+    end
+
+    def clean_addresses(addresses, list_type)
+      # Normalize addresses just in case it isn't an array yet
+      addresses.map { |address|
+        # If this address is on the good list then let it pass
+        self.address_list_filter(list_type, address)
+      }.compact
+    end
+
+    def sanitize_addresses(type)
+      case type
+        when :to then
+          Array(self.sanitized_to)
+        when :cc then
+          Array(self.sanitized_cc)
+        when :bcc then
+          Array(self.sanitized_bcc)
+        else
+          raise UnknownOverride, "unknown email override"
+      end
+    end
+
+  end
+end

data/lib/sanitize_email/version.rb

@@ -1,5 +1,5 @@
 #Copyright (c) 2008-12 Peter H. Boling of 9thBit LLC
 #Released under the MIT license
 module SanitizeEmail
-  VERSION = '1.0.7'
+  VERSION = '1.0.8'
 end

data/sanitize_email.gemspec

@@ -8,7 +8,7 @@ Gem::Specification.new do |s|
   s.authors = ["Peter Boling", "John Trupiano", "George Anderson"]
   s.summary = "Rails/Sinatra/Mail gem: Test email abilities without ever sending a message to actual live addresses"
   s.description = "In Rails, Sinatra, or simply the mail gem: Aids in development, testing, qa, and production troubleshooting of email issues without worrying that emails will get sent to actual live addresses."
-  s.email = ["peter.boling@gmail.com", "jtrupiano@gmail.com", "george@benevolentcode.com"]
+  s.email = ["peter.boling@gmail.com"]
   s.extra_rdoc_files = [
     "CHANGELOG.md",
     "LICENSE",

data/spec/sanitize_email_spec.rb

@@ -60,6 +60,12 @@ describe SanitizeEmail do
     end
   end
 
+  def sanitary_mail_delivery_multiple_recipients(config_options = {})
+    SanitizeEmail.sanitary(config_options) do
+      mail_delivery_multiple_recipients
+    end
+  end
+
   def unsanitary_mail_delivery
     SanitizeEmail.unsanitary do
       mail_delivery
@@ -77,6 +83,17 @@ describe SanitizeEmail do
     end
   end
 
+  def mail_delivery_multiple_recipients
+    @email_message = Mail.deliver do
+      from      'from@example.org'
+      to        %w( to1@example.org to2@example.org to3@example.org )
+      cc        %w( cc1@example.org cc2@example.org cc3@example.org )
+      bcc       %w( bcc1@example.org bcc2@example.org bcc3@example.org )
+      reply_to  'reply_to@example.org'
+      subject   'original subject'
+    end
+  end
+
   context "module methods" do
     before(:each) do
       sanitize_spec_dryer
@@ -124,6 +141,8 @@ describe SanitizeEmail do
         @email_message.should have_to("to@sanitize_email.org")
         @email_message.should have_cc("cc@sanitize_email.org")
         @email_message.should have_bcc("bcc@sanitize_email.org")
+      end
+      it "should set headers" do
         @email_message.should have_header("X-Sanitize-Email-To", "to@example.org")
         @email_message.should have_header("X-Sanitize-Email-Cc", "cc@example.org")
         @email_message.should_not have_header("X-Sanitize-Email-Bcc", "bcc@sanitize_email.org")
@@ -134,6 +153,51 @@ describe SanitizeEmail do
       end
     end
 
+    context "sanitary with multiple recipients" do
+      before(:each) do
+        configure_sanitize_email
+        sanitary_mail_delivery_multiple_recipients
+      end
+      it "should not alter non-sanitized attributes" do
+        @email_message.should have_from('from@example.org')
+        @email_message.should have_reply_to('reply_to@example.org')
+      end
+      it "should not prepend overrides" do
+        @email_message.should_not have_to_username("to at sanitize_email.org")
+        @email_message.should_not have_subject("(to at sanitize_email.org)")
+      end
+      it "should override" do
+        @email_message.should have_to("to@sanitize_email.org")
+        @email_message.should have_cc("cc@sanitize_email.org")
+        @email_message.should have_bcc("bcc@sanitize_email.org")
+      end
+      it "should set headers for sanitized :to recipients" do
+        @email_message.should have_header("X-Sanitize-Email-To", "to1@example.org")
+        @email_message.should_not have_header("X-Sanitize-Email-To-0", "to1@example.org")
+        @email_message.should_not have_header("X-Sanitize-Email-To-1", "to1@example.org")
+        @email_message.should have_header("X-Sanitize-Email-To-2", "to2@example.org")
+        @email_message.should have_header("X-Sanitize-Email-To-3", "to3@example.org")
+      end
+      it "should set headers for sanitized :cc recipients" do
+        @email_message.should have_header("X-Sanitize-Email-Cc", "cc1@example.org")
+        @email_message.should_not have_header("X-Sanitize-Email-Cc-0", "cc1@example.org")
+        @email_message.should_not have_header("X-Sanitize-Email-Cc-1", "cc1@example.org")
+        @email_message.should have_header("X-Sanitize-Email-Cc-2", "cc2@example.org")
+        @email_message.should have_header("X-Sanitize-Email-Cc-3", "cc3@example.org")
+      end
+      it "should not set headers for sanitized :bcc recipients" do
+        @email_message.should_not have_header("X-Sanitize-Email-Bcc", "bcc1@sanitize_email.org")
+        @email_message.should_not have_header("X-Sanitize-Email-Bcc-0", "bcc1@sanitize_email.org")
+        @email_message.should_not have_header("X-Sanitize-Email-Bcc-1", "bcc1@sanitize_email.org")
+        @email_message.should_not have_header("X-Sanitize-Email-Bcc-2", "bcc2@sanitize_email.org")
+        @email_message.should_not have_header("X-Sanitize-Email-Bcc-3", "bcc3@sanitize_email.org")
+      end
+      it "should not prepend originals by default" do
+        @email_message.should_not have_to_username("to at example.org <to@sanitize_email.org>")
+        @email_message.should_not have_subject("(to at example.org) original subject")
+      end
+    end
+
     context "force_sanitize" do
       context "true" do
         before(:each) do
@@ -150,6 +214,8 @@ describe SanitizeEmail do
           @email_message.should have_to("to@sanitize_email.org")
           @email_message.should have_cc("cc@sanitize_email.org")
           @email_message.should have_bcc("bcc@sanitize_email.org")
+        end
+        it "should set headers" do
           @email_message.should have_header("X-Sanitize-Email-To", "to@example.org")
           @email_message.should have_header("X-Sanitize-Email-Cc", "cc@example.org")
           @email_message.should_not have_header("X-Sanitize-Email-Bcc", "bcc@sanitize_email.org")

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sanitize_email
 version: !ruby/object:Gem::Version
-  version: 1.0.7
+  version: 1.0.8
   prerelease: 
 platform: ruby
 authors:
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-08-06 00:00:00.000000000 Z
+date: 2013-08-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -216,6 +216,8 @@ files:
 - lib/sanitize_email/config.rb
 - lib/sanitize_email/deprecation.rb
 - lib/sanitize_email/engine.rb
+- lib/sanitize_email/mail_header_tools.rb
+- lib/sanitize_email/overridden_addresses.rb
 - lib/sanitize_email/railtie.rb
 - lib/sanitize_email/rspec_matchers.rb
 - lib/sanitize_email/test_helpers.rb