class SanitizeEmail::Bleach
Determines whether to sanitize the headers of an email,
and does so when appropriate.
Attributes
overridden_addresses[RW]
Public Class Methods
delivering_email(message)
click to toggle source
If all recipient addresses are white-listed the field is left alone.
# File lib/sanitize_email/bleach.rb, line 18 def self.delivering_email(message) return nil unless sanitize_engaged?(message) SanitizeEmail::MailHeaderTools. add_original_addresses_as_headers(message) SanitizeEmail::MailHeaderTools. prepend_custom_subject(message) overridden = SanitizeEmail::OverriddenAddresses.new(message) message.to = overridden.overridden_to message.cc = overridden.overridden_cc message.bcc = overridden.overridden_bcc end
new(*args)
click to toggle source
# File lib/sanitize_email/bleach.rb, line 13 def initialize(*args) deprecation_message unless args.empty? end
sanitize_engaged?(message)
click to toggle source
Will be called by the Hook to determine if an override should occur There are three ways SanitizeEmail
can be turned on;
in order of precedence they are:
-
SanitizeEmail.force_sanitize
= true # by default it is nil
Only useful for local context. Inside a method where you will be sending an email, set SanitizeEmail.force_sanitize = true just prior to delivering it. Also useful in the console.
-
If
SanitizeEmail
seems to not be sanitizing,you have probably not registered the interceptor.
SanitizeEmail tries to do this for you. *Note*: If you are working in an environment that has a Mail or Mailer class that uses the register_interceptor API, the interceptor will already have been registered. The gem will probably have already done this for you, but some really old versions of Rails may need you to do this manually: Mail.register_interceptor(SanitizeEmail::Bleach) Once registered, SanitizeEmail needs to be engaged: # in config/initializers/sanitize_email.rb SanitizeEmail::Config.configure {|config| config[:engage] = true }
-
SanitizeEmail::Config.configure
do |config|config[:activation_proc] = Proc.new { true }
end
If you don't need to compute anything, then don't use the Proc, go with the previous option.
Note: Number 1 is the method used by the SanitizeEmail.sanitary
block Note: Number 2 You may need to setup your own register_interceptor
If installed but not configured, sanitize_email DOES NOTHING. Until configured the defaults leave it turned off.
# File lib/sanitize_email/bleach.rb, line 72 def self.sanitize_engaged?(message) # Don't sanitize the message if it will not be delivered return false unless message.perform_deliveries # Has it been forced via the force_sanitize mattr? forced = SanitizeEmail.force_sanitize return forced unless forced.nil? # Is this particular instance of Bleach engaged engaged = SanitizeEmail::Config.config[:engage] return engaged unless engaged.nil? # Should we sanitize due to the activation_proc? SanitizeEmail.activate?(message) end
Private Instance Methods
deprecation_message()
click to toggle source
# File lib/sanitize_email/bleach.rb, line 90 def deprecation_message deprecation = <<~DEPRECATION SanitizeEmail: Passing arguments to SanitizeEmail::Bleach.new is deprecated. SanitizeEmail::Bleach.new now takes no arguments. DEPRECATION self.class.deprecation_warning_message(deprecation) end