Skip to content

Commit

Permalink
stages/email: fix sanitization of email addresses (#9999)
Browse files Browse the repository at this point in the history
Signed-off-by: Jens Langhammer <[email protected]>
  • Loading branch information
BeryJu authored Jun 6, 2024
1 parent 198e8b9 commit 5d85802
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 5 deletions.
2 changes: 1 addition & 1 deletion authentik/stages/email/tests/test_templates.py
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ def test_template_address(self):
"""Test addresses are correctly parsed"""
message = TemplateEmailMessage(to=[("[email protected]", "[email protected]")])
[sanitize_address(addr, "utf-8") for addr in message.recipients()]
self.assertEqual(message.recipients(), ["[email protected]"])
self.assertEqual(message.recipients(), ['"[email protected]" <[email protected]>'])
message = TemplateEmailMessage(to=[("some-name", "[email protected]")])
[sanitize_address(addr, "utf-8") for addr in message.recipients()]
self.assertEqual(message.recipients(), ["some-name <[email protected]>"])
6 changes: 2 additions & 4 deletions authentik/stages/email/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
from pathlib import Path

from django.core.mail import EmailMultiAlternatives
from django.core.mail.message import sanitize_address
from django.template.exceptions import TemplateDoesNotExist
from django.template.loader import render_to_string
from django.utils import translation
Expand All @@ -31,10 +32,7 @@ def __init__(
sanitized_to = []
# Ensure that all recipients are valid
for recipient_name, recipient_email in to:
if recipient_name == recipient_email:
sanitized_to.append(recipient_email)
else:
sanitized_to.append(f"{recipient_name} <{recipient_email}>")
sanitized_to.append(sanitize_address((recipient_name, recipient_email), "utf-8"))
super().__init__(to=sanitized_to, **kwargs)
if not template_name:
return
Expand Down

0 comments on commit 5d85802

Please sign in to comment.