Changeset 670 for trunk/lib/Email.inc.php

Timestamp:

Mar 6, 2019 9:18:39 PM (5 years ago)

Author:

anonymous

Message:

Strip unsafe characters from HTTP_HOST

File:

• trunk/lib/Email.inc.php (modified) (2 diffs)

trunk/lib/Email.inc.php

@@ -363 +363 @@
 
         // Process headers.
-        $final_headers = array();
+        $final_headers_arr = array();
+        $final_headers = '';
         foreach ($headers as $key => $val) {
             // Validate key and values.
@@ -385 +386 @@
                 continue;
             }
-            $final_headers[] = sprintf('%s: %s', $key, $val);
-        }
-        $final_headers = join($this->getParam('crlf'), $final_headers);
+            $final_headers_arr[] = sprintf('%s: %s', $key, $val);
+        }
+        $final_headers = join($this->getParam('crlf'), $final_headers_arr);
 
         // This is the address where delivery problems are sent to. We must strip off everything except the local@domain part.