mirror
/
FairEmail
mirror of https://github.com/M66B/FairEmail.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Sanitize external email attributes

This commit is contained in:
M66B 2018-12-17 17:42:45 +01:00
parent b1a8d90f43
commit 7f68ce4c1c
1 changed files with 32 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
app/src/main/java/eu/faircode/email/ActivityCompose.java
View File

@ -23,10 +23,16 @@ import android.content.Intent;
import android.net.Uri; import android.net.Uri;
import android.os.Bundle; import android.os.Bundle;
import android.text.TextUtils; import android.text.TextUtils;
import android.util.Log;
import android.view.MenuItem; import android.view.MenuItem;
import org.jsoup.Jsoup;
import java.util.ArrayList; import java.util.ArrayList;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import androidx.fragment.app.FragmentManager; import androidx.fragment.app.FragmentManager;
import androidx.fragment.app.FragmentTransaction; import androidx.fragment.app.FragmentTransaction;
import androidx.lifecycle.Lifecycle; import androidx.lifecycle.Lifecycle;
@ -64,37 +70,57 @@ public class ActivityCompose extends ActivityBilling implements FragmentManager.
if (uri != null && "mailto".equals(uri.getScheme())) { if (uri != null && "mailto".equals(uri.getScheme())) {
String to = uri.getSchemeSpecificPart(); String to = uri.getSchemeSpecificPart();
if (to != null) if (to != null)
args.putString("to", to); try {
InternetAddress.parse(to);
args.putString("to", to);
} catch (AddressException ex) {
Log.w(Helper.TAG, ex + "\n" + Log.getStackTraceString(ex));
}
} }
if (intent.hasExtra(Intent.EXTRA_EMAIL)) { if (intent.hasExtra(Intent.EXTRA_EMAIL)) {
String[] to = intent.getStringArrayExtra(Intent.EXTRA_EMAIL); String[] to = intent.getStringArrayExtra(Intent.EXTRA_EMAIL);
if (to != null) if (to != null)
args.putString("to", TextUtils.join(", ", to)); try {
InternetAddress.parse(TextUtils.join(", ", to));
args.putString("to", TextUtils.join(", ", to));
} catch (AddressException ex) {
Log.w(Helper.TAG, ex + "\n" + Log.getStackTraceString(ex));
}
} }
if (intent.hasExtra(Intent.EXTRA_CC)) { if (intent.hasExtra(Intent.EXTRA_CC)) {
String[] cc = intent.getStringArrayExtra(Intent.EXTRA_CC); String[] cc = intent.getStringArrayExtra(Intent.EXTRA_CC);
if (cc != null) if (cc != null)
args.putString("cc", TextUtils.join(", ", cc)); try {
InternetAddress.parse(TextUtils.join(", ", cc));
args.putString("cc", TextUtils.join(", ", cc));
} catch (AddressException ex) {
Log.w(Helper.TAG, ex + "\n" + Log.getStackTraceString(ex));
}
} }
if (intent.hasExtra(Intent.EXTRA_BCC)) { if (intent.hasExtra(Intent.EXTRA_BCC)) {
String[] bcc = intent.getStringArrayExtra(Intent.EXTRA_BCC); String[] bcc = intent.getStringArrayExtra(Intent.EXTRA_BCC);
if (bcc != null) if (bcc != null)
args.putString("bcc", TextUtils.join(", ", bcc)); try {
InternetAddress.parse(TextUtils.join(", ", bcc));
args.putString("bcc", TextUtils.join(", ", bcc));
} catch (AddressException ex) {
Log.w(Helper.TAG, ex + "\n" + Log.getStackTraceString(ex));
}
} }
if (intent.hasExtra(Intent.EXTRA_SUBJECT)) { if (intent.hasExtra(Intent.EXTRA_SUBJECT)) {
String subject = intent.getStringExtra(Intent.EXTRA_SUBJECT); String subject = intent.getStringExtra(Intent.EXTRA_SUBJECT);
if (subject != null) if (subject != null)
args.putString("subject", subject); args.putString("subject", Jsoup.parse(subject).text());
} }
if (intent.hasExtra(Intent.EXTRA_TEXT)) { if (intent.hasExtra(Intent.EXTRA_TEXT)) {
String body = intent.getStringExtra(Intent.EXTRA_TEXT); // Intent.EXTRA_HTML_TEXT String body = intent.getStringExtra(Intent.EXTRA_TEXT); // Intent.EXTRA_HTML_TEXT
if (body != null) if (body != null)
args.putString("body", body); args.putString("body", Jsoup.parse(body).text());
} }
if (intent.hasExtra(Intent.EXTRA_STREAM)) if (intent.hasExtra(Intent.EXTRA_STREAM))