Class: SanitizeEmail::Bleach

Inherits:
Object
  • Object
Defined in:
lib/sanitize_email/bleach.rb

Defined Under Namespace

Classes: MissingTo, UnknownOverride

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(args = {}) ⇒ Bleach

Returns a new instance of Bleach.



# File 'lib/sanitize_email/bleach.rb', line 19

# Builds a Bleach whose settings come from +args+ first and from the global
# SanitizeEmail configuration second.
#
# NOTE(review): every lookup uses `||`, so an explicit false or nil in +args+
# is indistinguishable from a missing key and falls through to the global
# value. For :engage this means `:engage => false` does not by itself pin the
# instance to false; confirm that is intended before relying on it.
#
# @param args [Hash] optional per-instance overrides, keyed by
#   :sanitized_to, :sanitized_cc, :sanitized_bcc, :good_list, :bad_list, :engage
def initialize(args = {})
  # Not using extract_options! because non-rails compatibility is a goal
  lookup = ->(key) { args[key] || SanitizeEmail[key] }

  @sanitized_to = lookup.call(:sanitized_to)
  @sanitized_cc = lookup.call(:sanitized_cc)
  @sanitized_bcc = lookup.call(:sanitized_bcc)
  # The two lists end up as an empty array when neither source supplies one.
  @good_list = lookup.call(:good_list) || []
  @bad_list = lookup.call(:bad_list) || []
  @engage = lookup.call(:engage)
  @injected = false
end

Instance Attribute Details

#bad_list ⇒ Object

Can override global configs at the instance level.



# File 'lib/sanitize_email/bleach.rb', line 13

# Reader for this instance's bad_list. initialize fills it from
# args[:bad_list], then SanitizeEmail[:bad_list], then an empty array.
def bad_list
  @bad_list
end

#engage ⇒ Object

Can override global configs at the instance level.



# File 'lib/sanitize_email/bleach.rb', line 13

# Reader for this instance's engage switch. initialize sets it to
# args[:engage] || SanitizeEmail[:engage], so it may be nil; sanitize_engaged?
# uses the value only when it is not nil.
def engage
  @engage
end

#good_list ⇒ Object

Can override global configs at the instance level.



# File 'lib/sanitize_email/bleach.rb', line 13

# Reader for this instance's good_list. initialize fills it from
# args[:good_list], then SanitizeEmail[:good_list], then an empty array.
def good_list
  @good_list
end

#injected ⇒ Object

Can override global configs at the instance level.



# File 'lib/sanitize_email/bleach.rb', line 13

# Reader for @injected, which initialize sets to false. Nothing else on this
# page writes it, so its later meaning cannot be stated from here.
def injected
  @injected
end

#sanitized_bcc ⇒ Object

Can override global configs at the instance level.



# File 'lib/sanitize_email/bleach.rb', line 13

# Reader for this instance's sanitized_bcc. initialize fills it from
# args[:sanitized_bcc], falling back to SanitizeEmail[:sanitized_bcc]; it is
# nil when neither is set.
def sanitized_bcc
  @sanitized_bcc
end

#sanitized_cc ⇒ Object

Can override global configs at the instance level.



# File 'lib/sanitize_email/bleach.rb', line 13

# Reader for this instance's sanitized_cc. initialize fills it from
# args[:sanitized_cc], falling back to SanitizeEmail[:sanitized_cc]; it is
# nil when neither is set.
def sanitized_cc
  @sanitized_cc
end

#sanitized_to ⇒ Object

Can override global configs at the instance level.



# File 'lib/sanitize_email/bleach.rb', line 13

# Reader for this instance's sanitized_to. initialize fills it from
# args[:sanitized_to], falling back to SanitizeEmail[:sanitized_to]; it is
# nil when neither is set.
def sanitized_to
  @sanitized_to
end

Instance Method Details

#activate?(message) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/sanitize_email/bleach.rb', line 64

# Asks the globally configured activation proc whether +message+ should be
# sanitized.
#
# @param message [Object] the outgoing message, passed to the proc unchanged
# @return [Object, nil] whatever the proc returns, or nil when
#   SanitizeEmail.activation_proc does not respond to :call
def activate?(message)
  # No callable configured: answer nil, which callers treat as "not engaged".
  return unless SanitizeEmail.activation_proc.respond_to?(:call)

  SanitizeEmail.activation_proc.call(message)
end

#add_original_addresses_as_headers(message) ⇒ Object



# File 'lib/sanitize_email/bleach.rb', line 49

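# Records the original To and Cc recipients on the message as
# X-Sanitize-Email-To / X-Sanitize-Email-Cc headers, one header line per
# address.
#
# The headers are appended to the raw header text, so every address is first
# flattened to a single line: an address containing CR or LF would otherwise
# begin a header line of its own in the outgoing message.
#
# @param message [#to, #cc, #header, #header=] the outgoing message
# @return [Hash] the header-name => addresses hash that was iterated
def add_original_addresses_as_headers(message)
  ## Add headers by string concat. Setting hash values on message.headers does nothing, strangely. http://goo.gl/v46GY
  {
    'X-Sanitize-Email-To' => message.to,
    'X-Sanitize-Email-Cc' => message.cc
    # Don't write out the BCC, as those addresses should not be visible in message headers for obvious reasons
  }.each do |header_name, addresses|
    # A nil (or false) address field contributes no header at all.
    next unless addresses

    # Array() accepts a lone String address, which has no #each of its own.
    Array(addresses).each do |address|
      single_line = address.to_s.gsub(/[\r\n]+/, ' ')
      message.header = message.header.to_s.strip + "\n#{header_name}: #{single_line}"
    end
  end
end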

#bcc_override(actual_addresses) ⇒ Object



# File 'lib/sanitize_email/bleach.rb', line 117

# Produces the Bcc value to put on a sanitized message.
#
# @param actual_addresses [Object] the message's current Bcc addresses,
#   handed to override_email as-is
# @return [String] the override_email(:bcc, ...) result joined with commas
def bcc_override(actual_addresses)
  replacements = override_email(:bcc, actual_addresses)
  replacements.join(',')
end

#cc_override(actual_addresses) ⇒ Object



# File 'lib/sanitize_email/bleach.rb', line 113

# Produces the Cc value to put on a sanitized message.
#
# @param actual_addresses [Object] the message's current Cc addresses,
#   handed to override_email as-is
# @return [String] the override_email(:cc, ...) result joined with commas
def cc_override(actual_addresses)
  replacements = override_email(:cc, actual_addresses)
  replacements.join(',')
end

#delivering_email(message) ⇒ Object

If all recipient addresses are white-listed the field is left alone.



# File 'lib/sanitize_email/bleach.rb', line 31

# Rewrites the recipients of +message+ when sanitizing is engaged; does
# nothing (and returns nil) otherwise.
#
# @param message [Object] the outgoing message; its to, cc, bcc, subject and
#   header are read and reassigned
# @return [Object, nil] the new Bcc value when engaged, nil when not
def delivering_email(message)
  return unless sanitize_engaged?(message)

  # Compute the replacement recipients up front but assign them last: the
  # header and subject steps in between still read the original addresses
  # from the message.
  replacement_to = to_override(message.to)
  replacement_cc = cc_override(message.cc)
  replacement_bcc = bcc_override(message.bcc)

  add_original_addresses_as_headers(message)

  if SanitizeEmail.use_actual_email_prepended_to_subject
    message.subject = prepend_email_to_subject(message.subject, message.to)
  end
  if SanitizeEmail.use_actual_environment_prepended_to_subject
    message.subject = prepend_environment_to_subject(message.subject)
  end

  message.to = replacement_to
  message.cc = replacement_cc
  message.bcc = replacement_bcc
end

#prepend_email_to_subject(real_subject, actual_addresses) ⇒ Object



# File 'lib/sanitize_email/bleach.rb', line 93

# Prefixes the subject with the original recipients in a form that no longer
# looks like an address: "@" becomes " at " and angle brackets become "~".
#
# @param real_subject [String] the message's current subject
# @param actual_addresses [#join, Object] the original recipients
# @return [String] "(addresses) subject", or +real_subject+ unchanged when
#   +actual_addresses+ cannot be joined (nil or a bare String, for example)
def prepend_email_to_subject(real_subject, actual_addresses)
  return real_subject unless actual_addresses.respond_to?(:join)

  joined = actual_addresses.join(',')
  readable = joined.gsub(/@/, ' at ').gsub(/[<>]/, '~')
  "(#{readable}) #{real_subject}"
end

#prepend_environment_to_subject(real_subject) ⇒ Object



# File 'lib/sanitize_email/bleach.rb', line 101

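# Prefixes the subject with the Rails environment name in square brackets.
#
# Outside Rails, or when Rails.env is blank, the subject is returned
# unchanged. delivering_email assigns this method's result straight to
# message.subject, so returning nil there would erase the subject.
#
# @param real_subject [String] the message's current subject
# @return [String] "[env] subject", or +real_subject+ when no environment
#   name is available
def prepend_environment_to_subject(real_subject)
  return real_subject unless defined?(Rails) && Rails.env.present?

  "[#{Rails.env}] #{real_subject}"
end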

#sanitize_engaged?(message) ⇒ Boolean

This method will be called by the Hook to determine if an override should occur. There are three ways SanitizeEmail can be turned on; in order of precedence they are:

  1. SanitizeEmail.force_sanitize = true # by default it is nil

  2. Mail.register_interceptor(SanitizeEmail::Bleach.new(:engage => true)) # by default it is nil

  3. SanitizeEmail::Config.configure {|config| config = Proc.new { true } } # by default it is false

Note: Number 1 is the method used by the SanitizeEmail.sanitary block. Note: Number 2 would not be used unless you set up your own register_interceptor. If installed but not configured, sanitize email DOES NOTHING. Until configured, the defaults leave it turned off.

Returns:

  • (Boolean)


# File 'lib/sanitize_email/bleach.rb', line 78

# Decides whether +message+ should be sanitized. The first source that gives
# a non-nil answer wins, in this order: SanitizeEmail.force_sanitize, this
# instance's engage value, then the activation proc.
#
# An explicit false from either of the first two sources is an answer too: it
# turns sanitizing off without consulting the sources after it.
#
# @param message [Object] the outgoing message, only used by activate?
# @return [Object, nil] the deciding value; nil when nothing is configured
def sanitize_engaged?(message)
  from_force = SanitizeEmail.force_sanitize
  if from_force.nil?
    from_instance = engage
    # Only when both switches are unset does the activation proc get a say.
    from_instance.nil? ? activate?(message) : from_instance
  else
    from_force
  end
end

#to_override(actual_addresses) ⇒ Object

Raises:

  • (MissingTo)



# File 'lib/sanitize_email/bleach.rb', line 107

# Produces the To value to put on a sanitized message, refusing to continue
# when the override leaves no recipient at all.
#
# @param actual_addresses [Object] the message's current To addresses,
#   handed to override_email as-is
# @return [String] the override_email(:to, ...) result joined with commas
# @raise [MissingTo] when override_email returns an empty collection
def to_override(actual_addresses)
  recipients = override_email(:to, actual_addresses)
  if recipients.empty?
    raise MissingTo, 'after overriding :to there are no addresses to send in To: header.'
  end

  recipients.join(',')
end