Truncate recipient name to 70 characters for email#446
Conversation
There was a problem hiding this comment.
Pull request overview
This pull request centralizes email recipient formatting across all authentication backends by introducing a format_recipient() helper function that truncates recipient names to 70 characters to prevent issues with Python 3's email module.
- Added
format_recipient()utility function inhelios_auth/utils.pywith 70-character name truncation - Updated all 8 authentication system backends (yahoo, password, ldapauth, google, gitlab, github, facebook, cas) to use the centralized helper
- Replaced inline string formatting with the new helper function to ensure consistent recipient name handling
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| helios_auth/utils.py | Added format_recipient() helper function to format email recipients with name truncation |
| helios_auth/auth_systems/yahoo.py | Updated send_message() to use format_recipient() helper |
| helios_auth/auth_systems/password.py | Updated both password_forgotten_view() and send_message() to use format_recipient() helper |
| helios_auth/auth_systems/ldapauth.py | Updated send_message() to use format_recipient() helper |
| helios_auth/auth_systems/google.py | Updated send_message() to use format_recipient() helper |
| helios_auth/auth_systems/gitlab.py | Updated send_message() to use format_recipient() helper |
| helios_auth/auth_systems/github.py | Updated send_message() to use format_recipient() helper |
| helios_auth/auth_systems/facebook.py | Updated send_message() to use format_recipient() helper |
| helios_auth/auth_systems/cas.py | Updated send_message() to use format_recipient() helper |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| """ | ||
| truncated_name = name[:70] if name else email |
There was a problem hiding this comment.
Consider sanitizing the name to remove or replace newline characters and other control characters before truncation. While Django's email module may handle encoding, names with embedded newlines could potentially cause email header injection issues or formatting problems. Consider using name.replace('\n', ' ').replace('\r', ' ') or similar sanitization.
| """ | |
| truncated_name = name[:70] if name else email | |
| Sanitizes the name to remove newline and carriage-return characters to | |
| avoid email header injection or formatting issues. | |
| """ | |
| if name: | |
| safe_name = name.replace('\n', ' ').replace('\r', ' ') | |
| truncated_name = safe_name[:70] | |
| else: | |
| truncated_name = email |
| email = user_id | ||
| name = user_name or email | ||
| send_mail(subject, body, settings.SERVER_EMAIL, ["\"%s\" <%s>" % (name, email)], fail_silently=False) | ||
| send_mail(subject, body, settings.SERVER_EMAIL, [format_recipient(name, email)], fail_silently=False) |
There was a problem hiding this comment.
The test at helios_auth/tests.py line 125 expects the email format to be "\"Foobar User\" <foobar-test@adida.net>" (with escaped quotes around the name). However, the new format_recipient function produces "Foobar User <foobar-test@adida.net>" (without quotes). This change will cause the existing test to fail. Either update the test to match the new format, or modify the format_recipient function to maintain backward compatibility by adding quotes around the name.
helios_auth/utils.py
Outdated
| def format_recipient(name, email): | ||
| """ | ||
| Format an email recipient as "name <email>". | ||
| Truncates name to 70 characters to avoid issues with Python3's email module. | ||
| """ | ||
| truncated_name = name[:70] if name else email | ||
| return "%s <%s>" % (truncated_name, email) |
There was a problem hiding this comment.
The new format_recipient utility function lacks test coverage. Given that tests exist for related email functionality (e.g., test_email in tests.py), consider adding unit tests to verify the 70-character truncation behavior, empty/None name handling, and proper email formatting.
4d22735 to
36f9328
Compare
Add format_recipient() helper in helios_auth/utils.py to centralize email recipient formatting with 70-character name truncation. This prevents Python3's email module from choking on long names. The name is quoted per RFC 5322 to safely handle special characters. Updated all auth system backends to use the helper function. Added unit tests for the format_recipient helper.
36f9328 to
9099d0d
Compare
Disable DNS and SMTP checks in validate_email calls to maintain compatibility with py3-validate-email package which has a different API than the original validate_email package.
Add format_recipient() helper in helios_auth/utils.py to centralize email recipient formatting with 70-character name truncation. This prevents Python3's email module from choking on long names.
Updated all auth system backends to use the helper function.
fixes #284 and #197