Class: SanitizeEmail::Bleach

Inherits:
Object
  • Object
show all
Defined in:
lib/sanitize_email/bleach.rb

Overview

SanitizeEmail::Bleach determines whether to sanitize the headers of an email, and does so when appropriate.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(args = {}) ⇒ Bleach

Returns a new instance of Bleach.



12
13
14
15
 
# File 'lib/sanitize_email/bleach.rb', line 12

def initialize(args = {})
  # Not using extract_options! because non-rails compatibility is a goal
  @engage = args[:engage] || SanitizeEmail::Config.config[:engage]
end

Instance Attribute Details

#engageObject

Can override global configs at the instance level.



9
10
11
 
# File 'lib/sanitize_email/bleach.rb', line 9

def engage
  @engage
end

#overridden_addressesObject

Can override global configs at the instance level.



9
10
11
 
# File 'lib/sanitize_email/bleach.rb', line 9

def overridden_addresses
  @overridden_addresses
end

Instance Method Details

#delivering_email(message) ⇒ Object

If all recipient addresses are white-listed the field is left alone.



18
19
20
21
22
23
24
25
26
27
28
29
 
# File 'lib/sanitize_email/bleach.rb', line 18

def delivering_email(message)
  if self.sanitize_engaged?(message)
    SanitizeEmail::MailHeaderTools.add_original_addresses_as_headers(message)
    SanitizeEmail::MailHeaderTools.prepend_custom_subject(message)

    overridden = SanitizeEmail::OverriddenAddresses.new(message)

    message.to = overridden.overridden_to
    message.cc = overridden.overridden_cc
    message.bcc = overridden.overridden_bcc
  end
end

#sanitize_engaged?(message) ⇒ Boolean

This method will be called by the Hook to determine if an override should occur There are four ways SanitizeEmail can be turned on; in order of precedence they are:

  1. SanitizeEmail.force_sanitize = true # by default it is nil

Only useful for local context.  Inside a method where you will be sending an email,
set SanitizeEmail.force_sanitize = true just prior to delivering it.  Also useful in the console.

  1. Mail.register_interceptor(SanitizeEmail::Bleach.new(:engage => true)) # by default it is nil

If SanitizeEmail seems to not be sanitizing you have probably not registered the interceptor.  SanitizeEmail tries to do this for you.
Note: If you are working in an environment that has a Mail or Mailer class that uses the register_interceptor API, the interceptor will already have been registered by SanitizeEmail (however, note lack of :engage => true):
  Mail.register_interceptor(SanitizeEmail::Bleach.new
Without :engage => true the interceptor is inactive, and will require engaging via one of the other methods.
As an example you could do the following to engage SanitizeEmail:
  SanitizeEmail::Config.configure {|config| config[:engage] = true }

  1. SanitizeEmail::Config.configure {|config| config = Proc.new { true } } # by default it is false

If you don't need to compute anything, then don't use the Proc, go with the next option.

  1. SanitizeEmail::Config.configure {|config| config = true } # by default it is nil

Note: Number 1 is the method used by the SanitizeEmail.sanitary block Note: Number 2 See note accompanying 2: you may need to setup your own register_interceptor

If installed but not configured, sanitize_email DOES NOTHING. Until configured the defaults leave it turned off.

Returns:

  • (Boolean) 


52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
 
# File 'lib/sanitize_email/bleach.rb', line 52

def sanitize_engaged?(message)

  # Don't sanitize the message if it will not be delivered
  return false unless message.perform_deliveries

  # Has it been forced via the force_sanitize mattr?
  forced = SanitizeEmail.force_sanitize
  return forced unless forced.nil?

  # Is this particular instance of Bleach engaged
  engaged = self.engage
  return engaged unless engaged.nil?

  # Should we sanitize due to the activation_proc?
  return SanitizeEmail.activate?(message)

end