Make WordPress Core

Opened 9 years ago

Last modified 3 years ago

#28473 new defect (bug)

wp_mail incorrectly parses multiline From header

Reported by: artyname's profile arty.name Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 3.9.1
Component: Mail Keywords: has-patch needs-testing has-unit-tests needs-refresh
Focuses: Cc:

Description

wp_mail tries to parse From: header when it is contained in headers. It fails when the header is multiline. Multiline headers are common when non-ascii characters are used and quoted-printable escaping kicks in.

Example input:

From: =?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?=
 =?UTF-8?Q?=D0=BA=D1=80=D1=83=D0=B6=D0=B0=D1=8E=D1=89=D0=B8=D0=B9=20=D0=BC?=
 =?UTF-8?Q?=D0=B8=D1=80?= <live-positive@yandex.ru>

Parsed email in $from_email:

=?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?=

Attachments (2)

28473.patch (1.3 KB) - added by arty.name 9 years ago.
proposed fix
28473-2.diff (2.6 KB) - added by stephenharris 7 years ago.

Download all attachments as: .zip

Change History (8)

@arty.name
9 years ago

proposed fix

#1 @arty.name
9 years ago

I have attached a patch which might fix the problem by improving how wordpress parses headers. First of all, it treats multiline headers as one (continuation of header can be easily detected by first character being a whitespace). Second, if there's a mb_decode_mimeheader present, it is used to parse the $from_name.

#2 @arty.name
9 years ago

Any chance for this to get some attention?

#3 @MikeHansenMe
9 years ago

  • Keywords has-patch needs-testing added

#4 @chriscct7
8 years ago

  • Keywords needs-refresh added

#5 @stephenharris
7 years ago

  • Keywords has-unit-tests added; needs-refresh removed

Refreshed patch added, includes unit test.

#6 @desrosj
3 years ago

  • Keywords needs-refresh added
  • Milestone set to Awaiting Review

28473-2.diff needs to be refreshed.

Note: See TracTickets for help on using tickets.