moparisthebest/mail
1
0
Fork 0
mirror of https://github.com/moparisthebest/mail synced 2024-11-30 04:42:15 -05:00
Code Issues Releases Wiki Activity

Merge pull request #118 from whiteout-io/dev/WO-587

Browse Source 
[WO-587] Explicitly include arbitrary headers in clearsigned regex
This commit is contained in:
Tankred Hase 2014-09-12 18:09:47 +02:00
commit 2caeaeea3f
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/js/dao/email-dao.js
View File

@ -772,11 +772,11 @@ define(function(require) {
/* /*
* any content before/after the PGP block will be discarded, * any content before/after the PGP block will be discarded,
* "-----BEGIN/END (...)-----" must be at the start/end of a line, * "-----BEGIN/END (...)-----" must be at the start/end of a line,
* after \n\n the signed payload begins, * after the hash (and possibly other) arbitrary headers, the signed payload begins,
* the text is followed by a final \n and then the pgp signature begins * the text is followed by a final \n and then the pgp signature begins
* untrusted attachments and html is ignored * untrusted attachments and html is ignored
*/ */
var clearSignedMatch = /^-{5}BEGIN PGP SIGNED MESSAGE-{5}[\s\S]*\n\n([\s\S]*)\n-{5}BEGIN PGP SIGNATURE-{5}[\S\s]*-{5}END PGP SIGNATURE-{5}$/im.exec(body); var clearSignedMatch = /^-{5}BEGIN PGP SIGNED MESSAGE-{5}\nHash:[ ][^\n]+\n(?:[A-Za-z]+:[ ][^\n]+\n)*\n([\s\S]*)\n-{5}BEGIN PGP SIGNATURE-{5}[\S\s]*-{5}END PGP SIGNATURE-{5}$/im.exec(body);
if (clearSignedMatch) { if (clearSignedMatch) {
// PGP/INLINE signed // PGP/INLINE signed
message.signed = true; message.signed = true;

7
test/unit/email-dao-test.js
View File

@ -1010,9 +1010,10 @@ define(function(require) {
}); });
it('should read a signed pgp/inline from the device', function(done) { it('should read a signed pgp/inline from the device', function(done) {
var message, pt; var message, pt, expected;
pt = '-----BEGIN PGP SIGNED MESSAGE-----\n\ntest6\n-----BEGIN PGP SIGNATURE----------END PGP SIGNATURE-----'; expected = 'Lorem ipsum Aliquip tempor veniam proident.\n\nafguab;igab;igubalw\n\nLorem ipsum Dolor sed irure sint in non.\n\n\n';
pt = '-----BEGIN PGP SIGNED MESSAGE-----\nHash: WTFHASH\n\n' + expected + '\n-----BEGIN PGP SIGNATURE----------END PGP SIGNATURE-----';
message = { message = {
uid: uid, uid: uid,
from: [{ from: [{
@ -1036,7 +1037,7 @@ define(function(require) {
expect(err).to.not.exist; expect(err).to.not.exist;
expect(msg).to.equal(message); expect(msg).to.equal(message);
expect(msg.body).to.equal('test6'); expect(msg.body).to.equal(expected);
expect(message.signed).to.be.true; expect(message.signed).to.be.true;
expect(message.signaturesValid).to.be.true; expect(message.signaturesValid).to.be.true;
expect(message.loadingBody).to.be.false; expect(message.loadingBody).to.be.false;