Message345879
Python 2.7 doesn't have email.policy module.
For Python 2.7, I wrote this code:
---
import email.header
import email.message
msg = email.message.Message()
msg.set_charset("UTF-8")
msg['Subject'] = email.header.Header(u'\u0105' * 12, maxlinelen=20, charset="UTF-8")
print(msg.as_string())
---
I get this output:
---
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Subject: =?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
=?utf-8?b?xIU=?=
---
I have no idea if this example says that Python 2.7 is vulnerable or not. I get a different output on the master branch:
---
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Subject: =?utf-8?b?xIXEhcSFxIXEhcSFxIXEhcSFxIXEhcSF?=
---
But I don't know if I use the email API properly. "Subject: =?utf-8?b?xIXEhcSFxIXEhcSFxIXEhcSFxIXEhcSF?=" is longer than 20 characters. |
|
Date |
User |
Action |
Args |
2019-06-17 16:50:46 | vstinner | set | recipients:
+ vstinner, barry, r.david.murray, rad164, xtreak |
2019-06-17 16:50:46 | vstinner | set | messageid: <1560790246.63.0.88379697841.issue33529@roundup.psfhosted.org> |
2019-06-17 16:50:46 | vstinner | link | issue33529 messages |
2019-06-17 16:50:46 | vstinner | create | |
|