[New-bugs-announce] [issue16983] header parsing could apply postel's law to encoded words inside quotes
R. David Murray
report at bugs.python.org
Wed Jan 16 22:13:44 CET 2013
New submission from R. David Murray:
It has come to my attention that at least some mail agents apply postel's law to addresses like the following:
From: "=?utf-8?Q?not_really_valid?=" <foo at example.com>
Since encountering something that looks like an encoded word but that is not is a very unlikely occurrence, we could go ahead and decode such strings, resulting in
"not really valid" <foo at example.com>
a defect would be registered, and some sort of 'strict' policy mode could refuse to do the decode (as well as several other non-compliant patterns, such as encoded words not separated by whitespace). I think the decoding should be the default, though.
This applies also to other headers where words or phrases can be quoted, such as in filenames. I have also encountered the quoted-encoded-word-as-filename in the wild.
----------
components: email
messages: 180108
nosy: barry, r.david.murray
priority: normal
severity: normal
stage: needs patch
status: open
title: header parsing could apply postel's law to encoded words inside quotes
type: enhancement
versions: Python 3.4
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue16983>
_______________________________________
More information about the New-bugs-announce
mailing list