Defect #19537

Broken HTML sanitizer refence breaks email receiving

Added by Phil Stewart almost 3 years ago. Updated over 2 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:Jean-Philippe Lang% Done:

0%

Category:Email receiving
Target version:3.0.2
Resolution:Fixed Affected version:3.0.1

Description

HTML emails fail silently when receiving emails via IMAP due to broken HTML sanitizer reference in MailHandler.full_sanitizer on line 449 of app/models/mail_handler.rb:

def self.full_sanitizer
  @full_sanitizer ||= HTML::FullSanitizer.new
end

Changing this line to @full_sanitizer ||= Rails::Html::FullSanitizer.new works, although it didn't do a particularly good job on the stuck email I'd sent from Outlook.

Redmine: 3.0.1
Rails: 4.2.0
Ruby: 2.2.0

MailHandler_Strip_sample.png (178 KB) Rupesh J, 2015-04-29 10:50

Associated revisions

Revision 14219
Added by Jean-Philippe Lang over 2 years ago

Removed invalid sanitizer in MailHandler (#19537).

History

#1 Updated by Timur Voroshilov almost 3 years ago

This line @full_sanitizer ||= Rails::Html::FullSanitizer.new works:
Ruby 2.0.0
Rails 4.2.0
Redmine 3.0.1

And normally works on import mail sent by MS Outlook 2013.

#2 Updated by Rupesh J almost 3 years ago

This is a new implementation of rails sanitizer, This did not work, So using the old deprecated one, through a GEM.

gem 'rails-deprecated_sanitizer'

Until this is corrected with the rails sanitizer...! :)

#3 Updated by Phil Stewart almost 3 years ago

I've created a Gemfile.local file in my install and added gem 'rails-deprecated_sanitizer', which works nicely without having to change MailHandler over to the new sanitizer.

#4 Updated by Toshi MARUYAMA over 2 years ago

  • Target version set to 3.0.2

#5 Updated by Jean-Philippe Lang over 2 years ago

  • Subject changed from Broken HTML sanitizer refence breaks redmine:email:receive_imap to Broken HTML sanitizer refence breaks email receiving
  • Status changed from New to Closed
  • Assignee set to Jean-Philippe Lang
  • Resolution set to Fixed

Fixed in r14219, the default Rails sanitizer is now used.

#6 Updated by Rupesh J over 2 years ago

The text striping is not handled.
I am getting some unwanted Outlook mail tags.
Please let me know if this needs to be reported as another bug ?

#8 Updated by Toshi MARUYAMA over 2 years ago

Rupesh J wrote:

The text striping is not handled.
I am getting some unwanted Outlook mail tags.

Did it work on Redmine 2.x?

Please let me know if this needs to be reported as another bug ?

If it is regression of Redmine 3.0,
please create new issue because 3.0.2 was released.

If it is not regression of Redmine 3.0,
I think it is duplicate of #13209.

#9 Updated by Rupesh J over 2 years ago

Ok, I will create a regression bug.

It worked in
  • 2.6.x
  • 3.0.1 using the gem 'rails-deprecated_sanitizer'

#10 Updated by Toshi MARUYAMA over 2 years ago

Thank you for creating #19737.

Also available in: Atom PDF