pacnpal/django-anymail
1
0
Fork 0
mirror of https://github.com/pacnpal/django-anymail.git synced 2025-12-21 20:31:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix: flag extra_headers["To"] as unsupported

Browse Source 
Django's SMTP EmailBackend allows spoofing the To header by setting
`message.extra_headers["To"]`` different from `message.to`.

No current Anymail ESP supports this. Treat extra_headers["To"] as
an unsupported ESP feature, to flag attempts to use it.

Also document Anymail's special header handling that replicates
Django's SMTP EmailBackend behavior.
This commit is contained in:
medmunds
2018-02-27 13:43:58 -08:00
parent 07fbeac6bd
commit 06c7077e37
3 changed files with 61 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/test_general_backend.py
View File

@@ -371,3 +371,11 @@ class SpecialHeaderTests(TestBackendTestCase):
self.assertEqual(params['from'].address, "Header From <header@example.com>")
self.assertEqual(params['envelope_sender'], "envelope@bounces.example.com")
self.assertNotIn("From", params.get('extra_headers', {})) # From was removed from extra-headers
def test_spoofed_to_header(self):
"""Django treats message.to as envelope-recipient if message.extra_headers['To'] is set"""
# No current ESP supports this (and it's unlikely they would)
self.message.to = ["actual-recipient@example.com"]
self.message.extra_headers = {"To": "Apparent Recipient <but-not-really@example.com>"}
with self.assertRaisesMessage(AnymailUnsupportedFeature, "spoofing `To` header"):
self.message.send()