Message287119
Comments are allowed almost everywhere in an email message, and should be eliminated before attributing any meaning to a field. In the words of RFC5322, any CRLF that appears in FWS is semantically "invisible".
In particular, some note that comments can be used to deceive an email filter. For example, like so:
Content-Disposition: attachment;
filename=''attached%2E";
filename*1*="%62";
filename*2=(fool filters)at
(I don't know which, if any, email clients would execute that batch...)
Anyway, removing comments is needed for any structured header field. One is usually interested in the unfolded, de-commented value. It is difficult to do correctly, because of nesting and quoting possibilities.
This issue seems to be ignored, except for address lists (there is a getcomment() member in AddrlistClass). Why? |
|
Date |
User |
Action |
Args |
2017-02-06 11:28:50 | ale2017 | set | recipients:
+ ale2017, barry, r.david.murray |
2017-02-06 11:28:50 | ale2017 | set | messageid: <1486380530.49.0.923389621241.issue29462@psf.upfronthosting.co.za> |
2017-02-06 11:28:50 | ale2017 | link | issue29462 messages |
2017-02-06 11:28:49 | ale2017 | create | |
|