sanitize_email 2.0.4 → 2.0.6
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/CHANGELOG.md +36 -1
- data/CONTRIBUTING.md +8 -0
- data/README.md +54 -6
- data/lib/sanitize_email/bleach.rb +70 -68
- data/lib/sanitize_email/config.rb +2 -2
- data/lib/sanitize_email/{engine.rb → engine_v5.rb} +4 -2
- data/lib/sanitize_email/engine_v6.rb +16 -0
- data/lib/sanitize_email/mail_ext.rb +2 -0
- data/lib/sanitize_email/mail_header_tools.rb +5 -1
- data/lib/sanitize_email/overridden_addresses.rb +17 -8
- data/lib/sanitize_email/railtie.rb +1 -0
- data/lib/sanitize_email/rspec_matchers.rb +11 -0
- data/lib/sanitize_email/version.rb +1 -1
- data/lib/sanitize_email.rb +91 -76
- data.tar.gz.sig +0 -0
- metadata +54 -39
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ab280a496e5f7c676c9f34a0d9c947e79015cc1001fb64dd9c9d7240d140eeea
|
4
|
+
data.tar.gz: 455e2718f6bc3cf995b444768c2fcb855ff15685077d234c4887c829cb3b36ca
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 847a73eb85a827ff002f26e0108f3bd5ad4f9750d3de08e8461363e6effe31058fe92dee7ea7b1d3fa0260ad4f00b0f52d6df285ab0dc9fc029faac34ccca380
|
7
|
+
data.tar.gz: 1e53fb956e7bb1223192164e151509c45c6f2c7e653c5b9d194925164e1141ae969a8364209e3fd5a7db4c5d833146016a9fbdfe2c7b8f38a17be1b4c6d04004
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data/CHANGELOG.md
CHANGED
@@ -10,8 +10,39 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
10
10
|
### Fixed
|
11
11
|
### Removed
|
12
12
|
|
13
|
+
## [2.0.6] - 2024-04-25 ([tag][2.0.6t])
|
14
|
+
### Added
|
15
|
+
* Appraisals & Combustion for comprehensive testing across versions of Rails (@pboling)
|
16
|
+
* Rails 3.0 to Test Matrix (@pboling)
|
17
|
+
* Rails 3.1 to Test Matrix (@pboling)
|
18
|
+
* Rails 3.2 to Test Matrix (@pboling)
|
19
|
+
* Rails 4.0 to Test Matrix (@pboling)
|
20
|
+
* Rails 4.1 to Test Matrix (@pboling)
|
21
|
+
* Rails 4.2 to Test Matrix (@pboling)
|
22
|
+
* Rails 5.0 to Test Matrix (@pboling)
|
23
|
+
* Rails 5.1 to Test Matrix (@pboling)
|
24
|
+
* More Documentation (@pboling)
|
25
|
+
### Fixed
|
26
|
+
* Compatibility with Rails 3.0, 3.1, 3.2 (@pboling)
|
27
|
+
* Compatibility with Rails 6.0, 6.1, 7.0, 7.1 (@pboling)
|
28
|
+
|
29
|
+
## [2.0.5] - 2024-04-18 ([tag][2.0.5t])
|
30
|
+
### Added
|
31
|
+
* New RSpec matcher (@pboling)
|
32
|
+
* `have_bcc_username`
|
33
|
+
* Feature #21 - environment configuration option can now be set to proc / lambda / #call (@pboling)
|
34
|
+
* Documentation of all configuration options in README.md (@pboling)
|
35
|
+
* Many more tests
|
36
|
+
* Confirmed compatibility with [`sendgrid-actionmailer`](https://github.com/eddiezane/sendgrid-actionmailer)
|
37
|
+
* Code coverage up to 90%
|
38
|
+
### Changed
|
39
|
+
* Averted deprecation warnings when using Rails 6 (@pboling)
|
40
|
+
## Fixed
|
41
|
+
* Bug #37 - Unable to send email when only CC or BCC present
|
42
|
+
|
13
43
|
## [2.0.4] - 2024-03-22 ([tag][2.0.4t])
|
14
44
|
### Added
|
45
|
+
* [#74](https://github.com/pboling/sanitize_email/pull/74) Support sanitizing SendGrid personalization fields (@joeyparis)
|
15
46
|
* mail gem dependency (@pboling)
|
16
47
|
* version_gem dependency (@pboling)
|
17
48
|
* new RSpec Matchers (@pboling)
|
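Review bot: Under the new 2.0.5 entry the last heading is written `## Fixed`, one level higher than its siblings `### Added` and `### Changed`, so "Bug #37" renders as a top-level section rather than as part of 2.0.5. Change it to `### Fixed` to match the rest of the file.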
@@ -260,7 +291,11 @@ Old version?
|
|
260
291
|
* Fixed require paths
|
261
292
|
* added about.yml and this CHANGELOG
|
262
293
|
|
263
|
-
[Unreleased]: https://github.com/pboling/sanitize_email/compare/v2.0.
|
294
|
+
[Unreleased]: https://github.com/pboling/sanitize_email/compare/v2.0.6...HEAD
|
295
|
+
[2.0.6]: https://github.com/pboling/sanitize_email/compare/v2.0.5...v2.0.6
|
296
|
+
[2.0.6t]: https://github.com/pboling/sanitize_email/tags/v2.0.6
|
297
|
+
[2.0.5]: https://github.com/pboling/sanitize_email/compare/v2.0.4...v2.0.5
|
298
|
+
[2.0.5t]: https://github.com/pboling/sanitize_email/tags/v2.0.5
|
264
299
|
[2.0.4]: https://github.com/pboling/sanitize_email/compare/v2.0.3...v2.0.4
|
265
300
|
[2.0.4t]: https://github.com/pboling/sanitize_email/tags/v2.0.4
|
266
301
|
[2.0.3]: https://github.com/pboling/sanitize_email/compare/v2.0.2...v2.0.3
|
data/CONTRIBUTING.md
CHANGED
@@ -7,6 +7,14 @@ the [code of conduct][🤝conduct].
|
|
7
7
|
To submit a patch, please fork the project and create a patch with tests. Once you're happy with it send a pull request
|
8
8
|
and post a message to the [gitter chat][🏘chat].
|
9
9
|
|
10
|
+
## Appraisal & Combustion
|
11
|
+
|
12
|
+
### Generate a new set of Appraisal gemfiles:
|
13
|
+
|
14
|
+
```sh
|
15
|
+
BUNDLE_GEMFILE=gemfiles/vanilla.gemfile appraisal generate
|
16
|
+
```
|
17
|
+
|
10
18
|
## Release
|
11
19
|
|
12
20
|
To release a new version:
|
data/README.md
CHANGED
@@ -61,6 +61,17 @@ testing your email in the aforementioned `mailcatcher` may not be enough.
|
|
61
61
|
If you want to test all the way through Paubox's system, but have the email go to a safe testing account address,
|
62
62
|
then this is the gem for you.
|
63
63
|
|
64
|
+
## Compatibility
|
65
|
+
|
66
|
+
⚙️ Compatible with all versions of Ruby >= 2.3, plus JRuby and Truffleruby.
|
67
|
+
⚙️ Compatible with all Ruby web Frameworks (Hanami, Roda, Sinatra, Rails).
|
68
|
+
⚙️ Compatible with all versions of Rails from 3.0 - 7.1+.
|
69
|
+
⚙️ Compatible with scripted usage of Mail gem outside a web framework.
|
70
|
+
⚙️ Compatible with [`sendgrid-actionmailer`](https://github.com/eddiezane/sendgrid-actionmailer)'s support for personalizations, and will override email addresses there according to the configuration.
|
71
|
+
⚙️ If this gem is not compatible with your use case, and you'd like it to be, I'd like to hear about it!
|
72
|
+
|
73
|
+
It was a slog getting (very nearly) the entire compatibility matrix working with Github Actions, [`appraisal`](https://github.com/thoughtbot/appraisal), and [`combustion`](https://github.com/pat/combustion), and I'm very interested in hearing about ways to improve it!
|
74
|
+
|
64
75
|
## 🛞 DVCS
|
65
76
|
|
66
77
|
This project does not trust any one version control system,
|
@@ -116,7 +127,7 @@ appended indicators:
|
|
116
127
|
| 4️⃣ | testing | [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] |
|
117
128
|
| 5️⃣ | coverage & security | [![CodeClimate][🔑cc-covi]][🔑cc-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf] |
|
118
129
|
| 6️⃣ | resources | [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Wiki][🖐wiki-img]][🖐wiki] |
|
119
|
-
| 7️⃣ |
|
130
|
+
| 7️⃣ | `...` 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Follow Me on LinkedIn][🖇linkedin-img]][🖇linkedin] [![Find Me on WellFound:][✌️wellfound-img]][✌️wellfound] [![Find Me on CrunchBase][💲crunchbase-img]][💲crunchbase] [![My LinkTree][🌳linktree-img]][🌳linktree] [![Follow Me on Ruby.Social][🐘ruby-mast-img]][🐘ruby-mast] [![Follow Me on FLOSS.Social][🐘floss-mast-img]][🐘floss-mast] [![Follow Me on Mastodon.Social][🐘mast-img]][🐘mast] [![Tweet @ Peter][🐦tweet-img]][🐦tweet] [💻][coderme] [🌏][aboutme] |
|
120
131
|
|
121
132
|
<!--
|
122
133
|
The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
|
@@ -219,7 +230,7 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
219
230
|
It's particularly helpful when you want to prevent the delivery of email (e.g. in development/test environments) or alter the to/cc/bcc (e.g. in staging or demo environments) of all email generated from your application.
|
220
231
|
|
221
232
|
* compatible without Rails! Can work with just the `mail` gem.
|
222
|
-
* compatible with Rails >=
|
233
|
+
* compatible with Rails >= 3.0. See gem versions 1.x for older versions of Rails.
|
223
234
|
* compatible with Ruby >= 2.3. See gem versions 1.x for older versions of Ruby.
|
224
235
|
* compatible with any Ruby app with a mail handler that uses the `register_interceptor` API (a la ActionMailer and `mail` gems)
|
225
236
|
* configure it and forget it
|
@@ -354,6 +365,8 @@ end
|
|
354
365
|
|
355
366
|
Keep in mind, this is ruby (and possibly rails), so you can add conditionals or utilize different environment.rb files to customize these settings on a per-environment basis.
|
356
367
|
|
368
|
+
## Override the override
|
369
|
+
|
357
370
|
But wait there's more:
|
358
371
|
|
359
372
|
Let's say you have a method in your model that you can call to test the signup email. You want to be able to test sending it to any user at any time... but you don't want the user to ACTUALLY get the email, even in production. A dilemma, yes? Not anymore!
|
@@ -364,7 +377,9 @@ To override the environment based switch use `force_sanitize`, which is normally
|
|
364
377
|
SanitizeEmail.force_sanitize = true
|
365
378
|
```
|
366
379
|
|
367
|
-
|
380
|
+
When testing your email in a console, you can manipulate how email will be handled in this way.
|
381
|
+
|
382
|
+
There are also two methods that take a block and turn SanitizeEmail on or off (see section on Thread Safety below):
|
368
383
|
|
369
384
|
Regardless of the Config settings of SanitizeEmail you can do a local override to force unsanitary email in any environment.
|
370
385
|
|
@@ -394,6 +409,36 @@ You have access to all the same configuration options in the parameter hash as y
|
|
394
409
|
end
|
395
410
|
```
|
396
411
|
|
412
|
+
## Configuration Options
|
413
|
+
|
414
|
+
As used in the "Description" column below, `engaged` means: `SanitizeEmail.activate?(message) # => true`.
|
415
|
+
This happens in a few different ways, and two of them are in the config below (`engage` and `activation_proc`).
|
416
|
+
|
417
|
+
| Option | Type (Yard format) | Description |
|
418
|
+
|---------------------------------------------|--------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------|
|
419
|
+
| sanitized_to | [String, Array[String]] | (when engaged) Override CC field with these addresses |
|
420
|
+
| sanitized_cc | [String, Array[String]] | (when engaged) Override CC field with these addresses |
|
421
|
+
| sanitized_bcc | [String, Array[String]] | (when engaged) Override BCC field with these addresses |
|
422
|
+
| good_list | [Array[String]] | (when engaged) Email addresses to allow to pass-through without overriding |
|
423
|
+
| bad_list | [Array[String]] | (when engaged) Email addresses to be removed from message's TO, CC, & BCC |
|
424
|
+
| environment | [String, #to_s, Proc, Lambda, #call] | (when engaged) The environment value to use wherever it is added to message (e.g. in the subject line) |
|
425
|
+
| use_actual_email_as_sanitized_user_name | [Boolean] | (when engaged) Use "real" email address as username for sanitized email address (e.g. "real at example.com <sanitized@example.com>") |
|
426
|
+
| use_actual_email_prepended_to_subject | [Boolean] | (when engaged) Use "real" email address prepended to subject (e.g. "real at example.com Original Subject") |
|
427
|
+
| use_actual_environment_prepended_to_subject | [Boolean] | (when engaged) Use `environment` prepended to subject (e.g. "{{ STAGING }} Original Subject") |
|
428
|
+
| engage | [Boolean, nil] | Boolean will turn engage or disengage this gem, while `nil` ignores this setting and instead checks `activation_proc` |
|
429
|
+
| activation_proc | [Proc, Lambda, #call] | When checked, due to `engage: nil`, the result will either engage or disengage this gem |
|
430
|
+
|
431
|
+
## Thread Safety
|
432
|
+
|
433
|
+
So long as you don't change the config after initializing it at runtime, you'll be fine.
|
434
|
+
Like many Ruby tools' config objects, it is a single config object, shared by all threads.
|
435
|
+
The helpers like `sanitary`, `unsanitary`, `janitor`, and `force_sanitize`
|
436
|
+
are intended to be used in single threaded environments,
|
437
|
+
like a test suite, or a console session.
|
438
|
+
|
439
|
+
I doubt I'll ever have a need for runtime reconfiguration of the config,
|
440
|
+
so I doubt I'll ever have a reason to make it "more" thread safe than it is now, but PRs are welcome!
|
441
|
+
|
397
442
|
## Use sanitize_email in your test suite!
|
398
443
|
|
399
444
|
### rspec
|
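Review bot: The `sanitized_to` row of the new Configuration Options table describes the option as "Override CC field with these addresses", which is the same text as the `sanitized_cc` row below it. It should say the TO field. Since this table is now the reference for every option, the copy-paste slip is worth fixing before release.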
@@ -631,15 +676,18 @@ Learn more about, or become one of, our 🎖 contributors on:
|
|
631
676
|
## Running Specs
|
632
677
|
|
633
678
|
The basic compatibility matrix:
|
634
|
-
```
|
679
|
+
```sh
|
635
680
|
appraisal install
|
636
681
|
appraisal rake test
|
637
682
|
```
|
638
683
|
|
639
684
|
Sometimes also:
|
685
|
+
```sh
|
686
|
+
BUNDLE_GEMFILE=gemfiles/vanilla.gemfile appraisal update
|
640
687
|
```
|
641
|
-
|
642
|
-
|
688
|
+
|
689
|
+
Except, is unlikely to be possible to install all of the supported Rubies & Railsies in a single container...
|
690
|
+
See the various github action workflows for more inspiration on running certain oldies.
|
643
691
|
|
644
692
|
### Code Coverage
|
645
693
|
|
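Review bot: The added sentence "Except, is unlikely to be possible to install all of the supported Rubies & Railsies in a single container..." is missing its subject; "Except, it is unlikely to be possible ..." reads correctly. It would also help to name which workflow files cover the older versions instead of pointing at "the various github action workflows".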
@@ -10,84 +10,86 @@ module SanitizeEmail
|
|
10
10
|
extend SanitizeEmail::Deprecation
|
11
11
|
attr_accessor :overridden_addresses # TODO: Just a stub, not implemented
|
12
12
|
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
class << self
|
14
|
+
# If all recipient addresses are allow-listed the field is left alone.
|
15
|
+
def delivering_email(message)
|
16
|
+
return unless sanitize_engaged?(message)
|
16
17
|
|
17
|
-
|
18
|
-
|
19
|
-
|
18
|
+
SanitizeEmail::MailHeaderTools
|
19
|
+
.add_original_addresses_as_headers(message)
|
20
|
+
SanitizeEmail::MailHeaderTools
|
21
|
+
.prepend_custom_subject(message)
|
20
22
|
|
21
|
-
|
22
|
-
.add_original_addresses_as_headers(message)
|
23
|
-
SanitizeEmail::MailHeaderTools
|
24
|
-
.prepend_custom_subject(message)
|
23
|
+
overridden = SanitizeEmail::OverriddenAddresses.new(message)
|
25
24
|
|
26
|
-
|
25
|
+
message.to = overridden.overridden_to
|
26
|
+
message.cc = overridden.overridden_cc
|
27
|
+
message.bcc = overridden.overridden_bcc
|
27
28
|
|
28
|
-
|
29
|
-
message.cc = overridden.overridden_cc
|
30
|
-
message.bcc = overridden.overridden_bcc
|
29
|
+
return if message["personalizations"].nil?
|
31
30
|
|
32
|
-
|
31
|
+
message["personalizations"].value = overridden.overridden_personalizations
|
32
|
+
end
|
33
33
|
|
34
|
-
|
35
|
-
|
34
|
+
# Will be called by the Hook to determine if an override should occur
|
35
|
+
# There are three ways SanitizeEmail can be turned on;
|
36
|
+
# in order of precedence they are:
|
37
|
+
#
|
38
|
+
# 1. SanitizeEmail.force_sanitize = true # by default it is nil
|
39
|
+
# Only useful for local context.
|
40
|
+
# Inside a method where you will be sending an email, set
|
41
|
+
#
|
42
|
+
# SanitizeEmail.force_sanitize = true
|
43
|
+
#
|
44
|
+
# just prior to delivering it. Also useful in the console.
|
45
|
+
#
|
46
|
+
# 2. If SanitizeEmail seems to not be sanitizing,
|
47
|
+
# you have probably not registered the interceptor.
|
48
|
+
# SanitizeEmail tries to do this for you.
|
49
|
+
# *Note*: If you are working in an environment that has
|
50
|
+
# a Mail or Mailer class that uses the register_interceptor API,
|
51
|
+
# the interceptor will already have been registered.
|
52
|
+
# The gem will probably have already done this for you,
|
53
|
+
# but some really old versions of Rails may need you to do this manually:
|
54
|
+
#
|
55
|
+
# Mail.register_interceptor(SanitizeEmail::Bleach)
|
56
|
+
#
|
57
|
+
# Once registered, SanitizeEmail needs to be engaged:
|
58
|
+
#
|
59
|
+
# # in config/initializers/sanitize_email.rb
|
60
|
+
# SanitizeEmail::Config.configure {|config| config[:engage] = true }
|
61
|
+
#
|
62
|
+
# 3. SanitizeEmail::Config.configure do |config|
|
63
|
+
# config[:activation_proc] = Proc.new { true }
|
64
|
+
# end
|
65
|
+
#
|
66
|
+
# If you don't need to compute anything,
|
67
|
+
# then don't use the Proc, go with the previous option.
|
68
|
+
#
|
69
|
+
# Note: Number 1 is the method used by the SanitizeEmail.sanitary block
|
70
|
+
# Note: Number 2 You may need to setup your own register_interceptor
|
71
|
+
#
|
72
|
+
# If installed but not configured, sanitize_email DOES NOTHING.
|
73
|
+
# Until configured the defaults leave it turned off.
|
74
|
+
def sanitize_engaged?(message)
|
75
|
+
# Don't sanitize the message if it will not be delivered
|
76
|
+
return false unless message.perform_deliveries
|
36
77
|
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
#
|
41
|
-
# 1. SanitizeEmail.force_sanitize = true # by default it is nil
|
42
|
-
# Only useful for local context.
|
43
|
-
# Inside a method where you will be sending an email, set
|
44
|
-
#
|
45
|
-
# SanitizeEmail.force_sanitize = true
|
46
|
-
#
|
47
|
-
# just prior to delivering it. Also useful in the console.
|
48
|
-
#
|
49
|
-
# 2. If SanitizeEmail seems to not be sanitizing,
|
50
|
-
# you have probably not registered the interceptor.
|
51
|
-
# SanitizeEmail tries to do this for you.
|
52
|
-
# *Note*: If you are working in an environment that has
|
53
|
-
# a Mail or Mailer class that uses the register_interceptor API,
|
54
|
-
# the interceptor will already have been registered.
|
55
|
-
# The gem will probably have already done this for you,
|
56
|
-
# but some really old versions of Rails may need you to do this manually:
|
57
|
-
#
|
58
|
-
# Mail.register_interceptor(SanitizeEmail::Bleach)
|
59
|
-
#
|
60
|
-
# Once registered, SanitizeEmail needs to be engaged:
|
61
|
-
#
|
62
|
-
# # in config/initializers/sanitize_email.rb
|
63
|
-
# SanitizeEmail::Config.configure {|config| config[:engage] = true }
|
64
|
-
#
|
65
|
-
# 3. SanitizeEmail::Config.configure do |config|
|
66
|
-
# config[:activation_proc] = Proc.new { true }
|
67
|
-
# end
|
68
|
-
#
|
69
|
-
# If you don't need to compute anything,
|
70
|
-
# then don't use the Proc, go with the previous option.
|
71
|
-
#
|
72
|
-
# Note: Number 1 is the method used by the SanitizeEmail.sanitary block
|
73
|
-
# Note: Number 2 You may need to setup your own register_interceptor
|
74
|
-
#
|
75
|
-
# If installed but not configured, sanitize_email DOES NOTHING.
|
76
|
-
# Until configured the defaults leave it turned off.
|
77
|
-
def self.sanitize_engaged?(message)
|
78
|
-
# Don't sanitize the message if it will not be delivered
|
79
|
-
return false unless message.perform_deliveries
|
78
|
+
# Has it been forced via the force_sanitize mattr?
|
79
|
+
forced = SanitizeEmail.force_sanitize
|
80
|
+
return forced unless forced.nil?
|
80
81
|
|
81
|
-
|
82
|
-
|
83
|
-
|
82
|
+
# Is this particular instance of Bleach engaged
|
83
|
+
engaged = SanitizeEmail::Config.config[:engage]
|
84
|
+
return engaged unless engaged.nil?
|
84
85
|
|
85
|
-
|
86
|
-
|
87
|
-
|
86
|
+
# Should we sanitize due to the activation_proc?
|
87
|
+
SanitizeEmail.activate?(message)
|
88
|
+
end
|
89
|
+
end
|
88
90
|
|
89
|
-
|
90
|
-
|
91
|
+
def initialize(*args)
|
92
|
+
deprecation_message unless args.empty?
|
91
93
|
end
|
92
94
|
|
93
95
|
private
|
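Review bot: In `sanitize_engaged?`, `return forced unless forced.nil?` means a `false` in `SanitizeEmail.force_sanitize` turns sanitization off even when `config[:engage]` is `true`, but item 1 of the comment block only describes `force_sanitize = true` as a way to turn it on. This is the branch that lets mail go to the real recipients, so the comment should state that a non-nil value of either polarity takes precedence over `engage` and `activation_proc`.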
@@ -42,11 +42,11 @@ module SanitizeEmail
|
|
42
42
|
|
43
43
|
# Use the "real" email address as the username
|
44
44
|
# for the sanitized email address
|
45
|
-
# e.g. "real
|
45
|
+
# e.g. "real at example.com <sanitized@example.com>"
|
46
46
|
use_actual_email_as_sanitized_user_name: false,
|
47
47
|
|
48
48
|
# Prepend the "real" email address onto the Subject line of the message
|
49
|
-
# e.g. "real
|
49
|
+
# e.g. "real at example.com rest of subject"
|
50
50
|
use_actual_email_prepended_to_subject: false,
|
51
51
|
|
52
52
|
# Prepend the Rails environment onto the Subject line of the message
|
@@ -2,10 +2,12 @@
|
|
2
2
|
|
3
3
|
# Copyright (c) 2008 - 2018, 2020, 2022, 2024 Peter H. Boling of RailsBling.com
|
4
4
|
# Released under the MIT license
|
5
|
+
require "rails/engine"
|
5
6
|
|
6
7
|
module SanitizeEmail
|
7
|
-
# For Rails >= 3.1
|
8
|
-
|
8
|
+
# For Rails >= 3.1, < 6.0
|
9
|
+
# TODO: Remove when support for Rails < 6 is dropped
|
10
|
+
class EngineV5 < ::Rails::Engine
|
9
11
|
config.to_prepare do
|
10
12
|
ActionMailer::Base.register_interceptor(SanitizeEmail::Bleach)
|
11
13
|
end
|
@@ -0,0 +1,16 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright (c) 2008 - 2018, 2020, 2022, 2024 Peter H. Boling of RailsBling.com
|
4
|
+
# Released under the MIT license
|
5
|
+
require "rails/engine"
|
6
|
+
|
7
|
+
module SanitizeEmail
|
8
|
+
# For Rails >= 6.0
|
9
|
+
class EngineV6 < ::Rails::Engine
|
10
|
+
config.to_prepare do
|
11
|
+
# For the reasoning behind the difference between v5 and v6 engines,
|
12
|
+
# - see: https://github.com/rails/rails/issues/36546#issuecomment-850888284
|
13
|
+
Rails.application.config.action_mailer.register_interceptor(SanitizeEmail::Bleach)
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
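Review bot: The comment inside `config.to_prepare` defers the whole rationale for the v5/v6 split to an external issue comment. Add a one-line summary of why the v6 engine registers through `Rails.application.config.action_mailer` instead of `ActionMailer::Base`, so the reason is still readable if the link goes away. A spec asserting that `SanitizeEmail::Bleach` is actually registered on Rails >= 6 would pin the behaviour down.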
@@ -26,7 +26,11 @@ module SanitizeEmail
|
|
26
26
|
end
|
27
27
|
|
28
28
|
def self.prepend_environment_to_subject
|
29
|
-
SanitizeEmail::Config.config[:environment]
|
29
|
+
if SanitizeEmail::Config.config[:environment].respond_to?(:call)
|
30
|
+
SanitizeEmail::Config.config[:environment].call.to_s
|
31
|
+
else
|
32
|
+
SanitizeEmail::Config.config[:environment].to_s
|
33
|
+
end
|
30
34
|
end
|
31
35
|
|
32
36
|
def self.prepend_email_to_subject(actual_addresses)
|
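Review bot: `prepend_environment_to_subject` now reads `SanitizeEmail::Config.config[:environment]` three times across the `if`/`else`. Assign it to a local once and branch on that, e.g. `env = SanitizeEmail::Config.config[:environment]` followed by `env.respond_to?(:call) ? env.call.to_s : env.to_s`. That also avoids acting on two different values if the shared config is changed between reads.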
@@ -9,8 +9,11 @@ require "mail"
|
|
9
9
|
module SanitizeEmail
|
10
10
|
# Tools for overriding addresses
|
11
11
|
class OverriddenAddresses
|
12
|
-
# Raised when
|
13
|
-
class
|
12
|
+
# Raised when there are no recipients after sanitization
|
13
|
+
class MissingRecipients < StandardError; end
|
14
|
+
|
15
|
+
# MissingTo is Deprecated
|
16
|
+
class MissingTo < MissingRecipients; end
|
14
17
|
|
15
18
|
# Raised if there is a recipient type that sanitize_email doesn't recognize.
|
16
19
|
# If you get this error please report it.
|
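Review bot: With `class MissingTo < MissingRecipients`, the deprecated name is the subclass, so an existing `rescue MissingTo` in calling code will not catch an error raised as `MissingRecipients`. If the alias is meant to keep old rescue clauses working, that needs to be stated in the "MissingTo is Deprecated" comment and the changelog, along with what callers should rescue instead.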
@@ -45,16 +48,23 @@ module SanitizeEmail
|
|
45
48
|
tempmail.cc = cc_override(message.cc)
|
46
49
|
tempmail.bcc = bcc_override(message.bcc)
|
47
50
|
|
51
|
+
# remove addresses from :cc / :bcc that are also in :to
|
48
52
|
remove_duplicates
|
49
53
|
|
50
54
|
@overridden_to = tempmail[:to].decoded
|
51
55
|
@overridden_cc = tempmail[:cc].decoded
|
52
56
|
@overridden_bcc = tempmail[:bcc].decoded
|
53
57
|
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
+
actual_personalizations = message["personalizations"]
|
59
|
+
if actual_personalizations.nil?
|
60
|
+
raise MissingRecipients, "No recipients left post-sanitization" if (tempmail.to + tempmail.cc + tempmail.bcc).empty?
|
61
|
+
elsif actual_personalizations.respond_to?(:unparsed_value)
|
62
|
+
@overridden_personalizations = personalizations_override(actual_personalizations)
|
63
|
+
else
|
64
|
+
# TODO: Remove check when dropping Rails 3.x
|
65
|
+
# undefined method `unparsed_value' for #<Mail::OptionalField>
|
66
|
+
raise MissingRecipients, "Mail version is too old to use personalizations"
|
67
|
+
end
|
58
68
|
end
|
59
69
|
|
60
70
|
# Allow good listed email addresses, and then remove the bad listed addresses
|
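Review bot: The `else` branch raises `MissingRecipients` with "Mail version is too old to use personalizations", which is not a missing-recipient condition, so a caller rescuing `MissingRecipients` can only tell the two cases apart by message text. A separate error class for the unsupported Mail version would be clearer. Note also that the empty-recipient check `(tempmail.to + tempmail.cc + tempmail.bcc).empty?` only runs when `personalizations` is nil; a comment saying that this is intended would help.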
@@ -66,8 +76,6 @@ module SanitizeEmail
|
|
66
76
|
|
67
77
|
def to_override(actual_addresses)
|
68
78
|
to = override_email(:to, actual_addresses)
|
69
|
-
raise MissingTo, "after overriding :to (#{actual_addresses}) there are no addresses to send in To: header." if to.empty?
|
70
|
-
|
71
79
|
to.join(",")
|
72
80
|
end
|
73
81
|
|
@@ -79,6 +87,7 @@ module SanitizeEmail
|
|
79
87
|
override_email(:bcc, actual_addresses).join(",")
|
80
88
|
end
|
81
89
|
|
90
|
+
# Intended to result in compatibility with https://github.com/eddiezane/sendgrid-actionmailer
|
82
91
|
def personalizations_override(actual_personalizations)
|
83
92
|
actual_personalizations.unparsed_value.map do |actual_personalization|
|
84
93
|
actual_personalization.merge(
|
@@ -89,6 +89,17 @@ module SanitizeEmail
|
|
89
89
|
end
|
90
90
|
end
|
91
91
|
|
92
|
+
RSpec::Matchers.define("have_bcc_username") do |matcher|
|
93
|
+
def get_bcc_usernames(email_message)
|
94
|
+
to_addrs = email_message[:bcc].addrs
|
95
|
+
to_addrs.map(&:name)
|
96
|
+
end
|
97
|
+
match do |actual|
|
98
|
+
@actual = get_bcc_usernames(actual)
|
99
|
+
expect(@actual).to(include(match(matcher)))
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
92
103
|
# Cribbed from email_spec gem
|
93
104
|
RSpec::Matchers.define("have_body_text") do |matcher|
|
94
105
|
def get_fuzzy_body(email_message)
|
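Review bot: In `get_bcc_usernames`, `email_message[:bcc].addrs` is called with no nil check, so when the message has no Bcc field and `email_message[:bcc]` is nil the matcher raises NoMethodError instead of reporting a normal failure. Guard it (return an empty array when the field is absent). The local is also named `to_addrs` although it holds the Bcc addresses; rename it to `bcc_addrs`.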
data/lib/sanitize_email.rb
CHANGED
@@ -18,10 +18,19 @@ module SanitizeEmail
|
|
18
18
|
# Error is raised when a block parameter is required and not provided to a method
|
19
19
|
class MissingBlockParameter < StandardError; end
|
20
20
|
|
21
|
+
# Load order matters here!
|
22
|
+
# This gem must be loaded **after** Rails in order for the Engine/Railtie to register itself automatically.
|
23
|
+
# Otherwise, you'd have to manually require what you need from below.
|
21
24
|
# Allow non-rails implementations to use this gem
|
22
25
|
if defined?(::Rails) && defined?(::Rails::VERSION)
|
23
26
|
if defined?(::Rails::Engine)
|
24
|
-
|
27
|
+
if ::Rails::VERSION::MAJOR >= 6
|
28
|
+
# Rails 6.0+
|
29
|
+
require "sanitize_email/engine_v6"
|
30
|
+
else
|
31
|
+
# Rails 3.1 to 5.2
|
32
|
+
require "sanitize_email/engine_v5"
|
33
|
+
end
|
25
34
|
elsif ::Rails::VERSION::MAJOR == 3 && ::Rails::VERSION::MINOR.zero?
|
26
35
|
require "sanitize_email/railtie"
|
27
36
|
else
|
@@ -42,95 +51,101 @@ module SanitizeEmail
|
|
42
51
|
end
|
43
52
|
end
|
44
53
|
|
45
|
-
|
46
|
-
|
47
|
-
SanitizeEmail::Config.config[key.to_sym]
|
48
|
-
end
|
54
|
+
class << self
|
55
|
+
extend SanitizeEmail::Deprecation
|
49
56
|
|
50
|
-
|
51
|
-
SanitizeEmail[name]
|
52
|
-
end
|
57
|
+
attr_accessor :force_sanitize
|
53
58
|
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
end
|
59
|
+
def [](key)
|
60
|
+
return unless key.respond_to?(:to_sym)
|
61
|
+
SanitizeEmail::Config.config[key.to_sym]
|
62
|
+
end
|
59
63
|
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
64
|
+
def method_missing(name, *_args)
|
65
|
+
if name
|
66
|
+
SanitizeEmail[name]
|
67
|
+
else
|
68
|
+
super
|
69
|
+
end
|
70
|
+
end
|
65
71
|
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
end
|
72
|
+
def respond_to_missing?(method_name, include_private = false)
|
73
|
+
method_name ? method_name : super
|
74
|
+
end
|
70
75
|
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
76
|
+
# NOTE: Deprecated method
|
77
|
+
# We have to actually define because we can't deprecate methods that are hooked up via method_missing
|
78
|
+
def sanitized_recipients
|
79
|
+
# NOOP - This method is never actually executed, because the deprecations redirects the call to sanitized_to
|
80
|
+
end
|
75
81
|
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
#
|
81
|
-
# SanitizeEmail.sanitary({:sanitized_to => "boo@example.com"}) do
|
82
|
-
# Mail.deliver do
|
83
|
-
# from "from@example.org"
|
84
|
-
# # Will actually be sent to the override addresses, not this one:
|
85
|
-
# to "to@example.org"
|
86
|
-
# reply_to "reply_to@example.org"
|
87
|
-
# subject "subject"
|
88
|
-
# end
|
89
|
-
# end
|
90
|
-
#
|
91
|
-
def self.sanitary(config_options = {})
|
92
|
-
raise MissingBlockParameter, "SanitizeEmail.sanitary must be called with a block" unless block_given?
|
93
|
-
janitor(forcing: true) do
|
94
|
-
original = SanitizeEmail::Config.config.dup
|
95
|
-
SanitizeEmail::Config.config.merge!(config_options)
|
96
|
-
yield
|
97
|
-
SanitizeEmail::Config.config = original
|
82
|
+
# NOTE: Deprecated method
|
83
|
+
# We have to actually define because we can't deprecate methods that are hooked up via method_missing
|
84
|
+
def local_environments
|
85
|
+
SanitizeEmail::Config.config[:local_environments]
|
98
86
|
end
|
99
|
-
end
|
100
87
|
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
# SanitizeEmail.unsanitary do
|
105
|
-
# Mail.deliver do
|
106
|
-
# from "from@example.org"
|
107
|
-
# to "to@example.org"
|
108
|
-
# reply_to "reply_to@example.org"
|
109
|
-
# subject "subject"
|
110
|
-
# end
|
111
|
-
# end
|
112
|
-
#
|
113
|
-
def self.unsanitary
|
114
|
-
raise MissingBlockParameter, "SanitizeEmail.unsanitary must be called with a block" unless block_given?
|
115
|
-
janitor(forcing: false) do
|
116
|
-
yield
|
88
|
+
def activate?(message)
|
89
|
+
proc = SanitizeEmail::Config.config[:activation_proc]
|
90
|
+
proc.call(message) if proc.respond_to?(:call)
|
117
91
|
end
|
118
|
-
end
|
119
92
|
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
SanitizeEmail.
|
124
|
-
|
125
|
-
SanitizeEmail.
|
126
|
-
|
93
|
+
# Regardless of the Config settings of SanitizeEmail you can do a local
|
94
|
+
# override to send sanitary email in any environment.
|
95
|
+
# You have access to all the same configuration options in the parameter hash
|
96
|
+
# as you can set in the actual SanitizeEmail.configure block.
|
97
|
+
#
|
98
|
+
# SanitizeEmail.sanitary({:sanitized_to => "boo@example.com"}) do
|
99
|
+
# Mail.deliver do
|
100
|
+
# from "from@example.org"
|
101
|
+
# # Will actually be sent to the override addresses, not this one:
|
102
|
+
# to "to@example.org"
|
103
|
+
# reply_to "reply_to@example.org"
|
104
|
+
# subject "subject"
|
105
|
+
# end
|
106
|
+
# end
|
107
|
+
#
|
108
|
+
def sanitary(config_options = {})
|
109
|
+
raise MissingBlockParameter, "SanitizeEmail.sanitary must be called with a block" unless block_given?
|
110
|
+
janitor(forcing: true) do
|
111
|
+
original = SanitizeEmail::Config.config.dup
|
112
|
+
SanitizeEmail::Config.config.merge!(config_options)
|
113
|
+
yield
|
114
|
+
SanitizeEmail::Config.config = original
|
115
|
+
end
|
116
|
+
end
|
117
|
+
|
118
|
+
# Regardless of the Config settings of SanitizeEmail you can do a local
|
119
|
+
# override to force unsanitary email in any environment.
|
120
|
+
#
|
121
|
+
# SanitizeEmail.unsanitary do
|
122
|
+
# Mail.deliver do
|
123
|
+
# from "from@example.org"
|
124
|
+
# to "to@example.org"
|
125
|
+
# reply_to "reply_to@example.org"
|
126
|
+
# subject "subject"
|
127
|
+
# end
|
128
|
+
# end
|
129
|
+
#
|
130
|
+
def unsanitary
|
131
|
+
raise MissingBlockParameter, "SanitizeEmail.unsanitary must be called with a block" unless block_given?
|
132
|
+
janitor(forcing: false) do
|
133
|
+
yield
|
134
|
+
end
|
135
|
+
end
|
136
|
+
|
137
|
+
def janitor(options)
|
138
|
+
raise MissingBlockParameter, "SanitizeEmail.janitor must be called with a block" unless block_given?
|
139
|
+
original = SanitizeEmail.force_sanitize
|
140
|
+
SanitizeEmail.force_sanitize = options[:forcing]
|
141
|
+
yield
|
142
|
+
SanitizeEmail.force_sanitize = original
|
143
|
+
end
|
127
144
|
|
128
|
-
# Setup Deprecations!
|
129
|
-
class << self
|
130
|
-
extend SanitizeEmail::Deprecation
|
131
145
|
deprecated_alias :sanitized_recipients, :sanitized_to
|
132
146
|
deprecated :local_environments, :activation_proc
|
133
147
|
end
|
148
|
+
@force_sanitize = nil
|
134
149
|
end
|
135
150
|
|
136
151
|
SanitizeEmail::Version.class_eval do
|
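Review bot: `janitor` restores `SanitizeEmail.force_sanitize = original` only after `yield` returns normally, and `sanitary` does the same with `SanitizeEmail::Config.config = original`; if the block raises, the forced value and the merged config stay in place. For `unsanitary` that leaves `force_sanitize` at `false` for every later delivery in the process. Put both restores in an `ensure` clause. Separately, `respond_to_missing?` returns `method_name` whenever it is truthy, so the module claims to respond to any method name, and the `if name` test in `method_missing` never reaches `super`.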
data.tar.gz.sig
CHANGED
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sanitize_email
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Peter Boling
|
@@ -38,26 +38,29 @@ cert_chain:
|
|
38
38
|
KuxrfYrN+9HvMdm+nZ6TypmKftHY3Gj+/uu+g8Icm/zrvTWAEE0mcJOkfrIoNPJb
|
39
39
|
pF8dMA==
|
40
40
|
-----END CERTIFICATE-----
|
41
|
-
date: 2024-
|
41
|
+
date: 2024-04-25 00:00:00.000000000 Z
|
42
42
|
dependencies:
|
43
43
|
- !ruby/object:Gem::Dependency
|
44
44
|
name: mail
|
45
45
|
requirement: !ruby/object:Gem::Requirement
|
46
46
|
requirements:
|
47
|
-
- - "
|
47
|
+
- - "~>"
|
48
48
|
- !ruby/object:Gem::Version
|
49
|
-
version: '0'
|
49
|
+
version: '2.0'
|
50
50
|
type: :runtime
|
51
51
|
prerelease: false
|
52
52
|
version_requirements: !ruby/object:Gem::Requirement
|
53
53
|
requirements:
|
54
|
-
- - "
|
54
|
+
- - "~>"
|
55
55
|
- !ruby/object:Gem::Version
|
56
|
-
version: '0'
|
56
|
+
version: '2.0'
|
57
57
|
- !ruby/object:Gem::Dependency
|
58
58
|
name: version_gem
|
59
59
|
requirement: !ruby/object:Gem::Requirement
|
60
60
|
requirements:
|
61
|
+
- - "~>"
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
version: '1.1'
|
61
64
|
- - ">="
|
62
65
|
- !ruby/object:Gem::Version
|
63
66
|
version: 1.1.4
|
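Review bot: The runtime requirement on `mail` (new lines 47-49 and 54-56) moves from version '0' to `~> 2.0`, which narrows what this patch-level release will resolve against. `~> 2.0` admits only `mail` from 2.0 up to, but not including, 3.0, so an application locked to a `mail` release outside that range will fail dependency resolution after upgrading. Call the new constraint out in the CHANGELOG entry for this version so consumers see it before they bump.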
@@ -65,85 +68,68 @@ dependencies:
|
|
65
68
|
prerelease: false
|
66
69
|
version_requirements: !ruby/object:Gem::Requirement
|
67
70
|
requirements:
|
68
|
-
- - "
|
69
|
-
- !ruby/object:Gem::Version
|
70
|
-
version: 1.1.4
|
71
|
-
- !ruby/object:Gem::Dependency
|
72
|
-
name: actionmailer
|
73
|
-
requirement: !ruby/object:Gem::Requirement
|
74
|
-
requirements:
|
75
|
-
- - ">="
|
71
|
+
- - "~>"
|
76
72
|
- !ruby/object:Gem::Version
|
77
|
-
version: '
|
78
|
-
type: :development
|
79
|
-
prerelease: false
|
80
|
-
version_requirements: !ruby/object:Gem::Requirement
|
81
|
-
requirements:
|
73
|
+
version: '1.1'
|
82
74
|
- - ">="
|
83
75
|
- !ruby/object:Gem::Version
|
84
|
-
version:
|
76
|
+
version: 1.1.4
|
85
77
|
- !ruby/object:Gem::Dependency
|
86
78
|
name: appraisal
|
87
79
|
requirement: !ruby/object:Gem::Requirement
|
88
80
|
requirements:
|
89
81
|
- - "~>"
|
90
82
|
- !ruby/object:Gem::Version
|
91
|
-
version: '2'
|
83
|
+
version: '2.5'
|
92
84
|
type: :development
|
93
85
|
prerelease: false
|
94
86
|
version_requirements: !ruby/object:Gem::Requirement
|
95
87
|
requirements:
|
96
88
|
- - "~>"
|
97
89
|
- !ruby/object:Gem::Version
|
98
|
-
version: '2'
|
90
|
+
version: '2.5'
|
99
91
|
- !ruby/object:Gem::Dependency
|
100
|
-
name:
|
92
|
+
name: json
|
101
93
|
requirement: !ruby/object:Gem::Requirement
|
102
94
|
requirements:
|
103
95
|
- - ">="
|
104
96
|
- !ruby/object:Gem::Version
|
105
|
-
version:
|
106
|
-
- - "<="
|
107
|
-
- !ruby/object:Gem::Version
|
108
|
-
version: '8'
|
97
|
+
version: 1.7.7
|
109
98
|
type: :development
|
110
99
|
prerelease: false
|
111
100
|
version_requirements: !ruby/object:Gem::Requirement
|
112
101
|
requirements:
|
113
102
|
- - ">="
|
114
103
|
- !ruby/object:Gem::Version
|
115
|
-
version:
|
116
|
-
- - "<="
|
117
|
-
- !ruby/object:Gem::Version
|
118
|
-
version: '8'
|
104
|
+
version: 1.7.7
|
119
105
|
- !ruby/object:Gem::Dependency
|
120
106
|
name: rake
|
121
107
|
requirement: !ruby/object:Gem::Requirement
|
122
108
|
requirements:
|
123
109
|
- - ">="
|
124
110
|
- !ruby/object:Gem::Version
|
125
|
-
version:
|
111
|
+
version: 0.8.7
|
126
112
|
type: :development
|
127
113
|
prerelease: false
|
128
114
|
version_requirements: !ruby/object:Gem::Requirement
|
129
115
|
requirements:
|
130
116
|
- - ">="
|
131
117
|
- !ruby/object:Gem::Version
|
132
|
-
version:
|
118
|
+
version: 0.8.7
|
133
119
|
- !ruby/object:Gem::Dependency
|
134
120
|
name: rdoc
|
135
121
|
requirement: !ruby/object:Gem::Requirement
|
136
122
|
requirements:
|
137
123
|
- - ">="
|
138
124
|
- !ruby/object:Gem::Version
|
139
|
-
version: '3
|
125
|
+
version: '3'
|
140
126
|
type: :development
|
141
127
|
prerelease: false
|
142
128
|
version_requirements: !ruby/object:Gem::Requirement
|
143
129
|
requirements:
|
144
130
|
- - ">="
|
145
131
|
- !ruby/object:Gem::Version
|
146
|
-
version: '3
|
132
|
+
version: '3'
|
147
133
|
- !ruby/object:Gem::Dependency
|
148
134
|
name: rspec
|
149
135
|
requirement: !ruby/object:Gem::Requirement
|
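Review bot: The development dependencies `json` (`>= 1.7.7`), `rake` (`>= 0.8.7`) and `rdoc` (`>= 3`) carry only a floor, while `appraisal` in the same hunk is tightened to `~> 2.5`. A floor-only range lets any future major version into a development or CI install, so what gets tested depends on the day the bundle is resolved. Consider pessimistic (`~>`) bounds here as well, or make sure CI installs from a committed lockfile. The `actionmailer` development dependency is also dropped in this hunk; confirm the test setup still supplies it from somewhere else.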
@@ -178,6 +164,26 @@ dependencies:
|
|
178
164
|
- - ">="
|
179
165
|
- !ruby/object:Gem::Version
|
180
166
|
version: 1.0.5
|
167
|
+
- !ruby/object:Gem::Dependency
|
168
|
+
name: rspec-pending_for
|
169
|
+
requirement: !ruby/object:Gem::Requirement
|
170
|
+
requirements:
|
171
|
+
- - "~>"
|
172
|
+
- !ruby/object:Gem::Version
|
173
|
+
version: '0.1'
|
174
|
+
- - ">="
|
175
|
+
- !ruby/object:Gem::Version
|
176
|
+
version: 0.1.16
|
177
|
+
type: :development
|
178
|
+
prerelease: false
|
179
|
+
version_requirements: !ruby/object:Gem::Requirement
|
180
|
+
requirements:
|
181
|
+
- - "~>"
|
182
|
+
- !ruby/object:Gem::Version
|
183
|
+
version: '0.1'
|
184
|
+
- - ">="
|
185
|
+
- !ruby/object:Gem::Version
|
186
|
+
version: 0.1.16
|
181
187
|
description: |2
|
182
188
|
Email Condom for your Ruby Server.
|
183
189
|
In Rails, Sinatra, et al, or simply the mail gem: Aids in development, testing, qa, and production troubleshooting of email issues without worrying that emails will get sent to actual live addresses.
|
@@ -197,7 +203,8 @@ files:
|
|
197
203
|
- lib/sanitize_email/bleach.rb
|
198
204
|
- lib/sanitize_email/config.rb
|
199
205
|
- lib/sanitize_email/deprecation.rb
|
200
|
-
- lib/sanitize_email/
|
206
|
+
- lib/sanitize_email/engine_v5.rb
|
207
|
+
- lib/sanitize_email/engine_v6.rb
|
201
208
|
- lib/sanitize_email/mail_ext.rb
|
202
209
|
- lib/sanitize_email/mail_header_tools.rb
|
203
210
|
- lib/sanitize_email/overridden_addresses.rb
|
@@ -205,10 +212,18 @@ files:
|
|
205
212
|
- lib/sanitize_email/rspec_matchers.rb
|
206
213
|
- lib/sanitize_email/test_helpers.rb
|
207
214
|
- lib/sanitize_email/version.rb
|
208
|
-
homepage:
|
215
|
+
homepage: https://github.com/pboling/sanitize_email
|
209
216
|
licenses:
|
210
217
|
- MIT
|
211
|
-
metadata:
|
218
|
+
metadata:
|
219
|
+
homepage_uri: https://github.com/pboling/sanitize_email
|
220
|
+
source_code_uri: https://github.com/pboling/sanitize_email/tree/v2.0.6
|
221
|
+
changelog_uri: https://github.com/pboling/sanitize_email/blob/v2.0.6/CHANGELOG.md
|
222
|
+
bug_tracker_uri: https://github.com/pboling/sanitize_email/issues
|
223
|
+
documentation_uri: https://www.rubydoc.info/gems/sanitize_email/2.0.6
|
224
|
+
wiki_uri: https://github.com/pboling/sanitize_email/wiki
|
225
|
+
funding_uri: https://liberapay.com/pboling
|
226
|
+
rubygems_mfa_required: 'true'
|
212
227
|
post_install_message:
|
213
228
|
rdoc_options: []
|
214
229
|
require_paths:
|
@@ -224,7 +239,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
224
239
|
- !ruby/object:Gem::Version
|
225
240
|
version: '0'
|
226
241
|
requirements: []
|
227
|
-
rubygems_version: 3.5.
|
242
|
+
rubygems_version: 3.5.9
|
228
243
|
signing_key:
|
229
244
|
specification_version: 4
|
230
245
|
summary: Email Condom for your Ruby Server
|
metadata.gz.sig
CHANGED
Binary file
|