Commit
Say hello to my little friend
opsxcq committed Jan 19, 2017
1 parent 0dfc6a1 commit a4dca24
Showing 1 changed file with 17 additions and 1 deletion.
18 changes: 17 additions & 1 deletion README.md
Expand Up @@ -58,7 +58,23 @@ Analysing the code, there is no filter in `mailSend()` function
`$this->Sender` is directly appended to `$params` variable, which was filtered in `validateAddress()` function, but as it uses RFC 3696 specification, it allow certain characters which will break things.
In this case, quotes:


> In addition to quoting using the backslash character, conventional
> double-quote characters may be used to surround strings. For example
>
> "Abc@def"@example.com
>
> "Fred Bloggs"@example.com
> are alternate forms of the first two examples above. These quoted
> forms are rarely recommended, and are uncommon in practice, but, as
> discussed above, must be supported by applications that are
> processing email addresses. In particular, the quoted forms often
> appear in the context of addresses associated with transitions from
> other systems and contexts; those transitional requirements do still
> arise and, since a system that accepts a user-provided email address
> cannot "know" whether that address is associated with a legacy
> system, the address forms must be accepted and passed into the email
> environment.
### Notes about PHP mail() function exploitation
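Review bot: the explanation at the top of this hunk stops short of its point: it says the characters permitted by RFC 3696 "will break things" and then "In this case, quotes:", but nothing in the hunk says which call consumes `$params` or why a quoted local-part such as `"Fred Bloggs"@example.com` is harmful once it reaches that call, so the reader jumps from the RFC excerpt straight to the "### Notes about PHP mail() function exploitation" heading without the link being stated; add one sentence before the block quote naming the consuming call and what the embedded quote does to it. Also, inside the block quote the line `> "Fred Bloggs"@example.com` is followed directly by `> are alternate forms of the first two examples above.` with no empty `>` line between them (unlike the `> "Abc@def"@example.com` example just above), so Markdown renders the address and the sentence as one paragraph; insert an empty `>` line there. Minor grammar in the first added line: "it allow certain characters" should read "it allows certain characters".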


0 comments on commit a4dca24