No escaping of comma in 'to' field #77
Comments
|
yep, so like like #76 we should check for obviously malformed fields (but at the end of the day the Flask-Mail is the interface to SMTP (or any other mailer), so we wouldn't encode the input (breaks current behavior). |
|
@asyschikov actually I am going to back pedal on this, validation is hard and not something flask mail is trying to provide. This is going to be a wontfix. |
|
@jamesonjlee in my opinion it is not really a validation but an escaping. If a library (flask-mail) provides setter interface like msg['To'] I would expect it to escape things that can break functioning of the protocol underneath otherwise it is leaky abstraction. |
|
this would breaks tests for that makes sure the mailer fails on bad recipient fields, so I am still hesitant on adding something like this. At best we would be doing the same thing that the underlying connection would be doing. |
|
oh and there is a different in behavior between 2 and 3, so maybe we should. sigh. |
msg['To'] = 'a,b <[email protected]>will produce error, because comma separates recipients and must be escaped within one recipient.The text was updated successfully, but these errors were encountered: