mirror/php-monolog
1
0
Fork 0
mirror of https://github.com/Seldaek/monolog.git synced 2025-08-11 15:44:34 +02:00
Code Issues Releases Wiki Activity

Prevent header injection through content type / encoding in NativeMailerHandler, fixes #458, closes #448

Browse Source
This commit is contained in:
Jordi Boggiano
2014-12-28 14:32:10 +00:00
parent 5bee6fe56c
commit 515a096c86
2 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tests/Monolog/Handler/NativeMailerHandlerTest.php
View File

@@ -40,4 +40,22 @@ class NativeMailerHandlerTest extends TestCase
$mailer = new NativeMailerHandler('spammer@example.org', 'dear victim', 'receiver@example.org');
$mailer->addHeader(array("Content-Type: text/html\r\nFrom: faked@attacker.org"));
}
/**
* @expectedException InvalidArgumentException
*/
public function testSetterContentTypeInjection()
{
$mailer = new NativeMailerHandler('spammer@example.org', 'dear victim', 'receiver@example.org');
$mailer->setContentType("text/html\r\nFrom: faked@attacker.org");
}
/**
* @expectedException InvalidArgumentException
*/
public function testSetterEncodingInjection()
{
$mailer = new NativeMailerHandler('spammer@example.org', 'dear victim', 'receiver@example.org');
$mailer->setEncoding("utf-8\r\nFrom: faked@attacker.org");
}
}