jpic <j...@yourlabs.org> added the comment:
The email API does error recovery without loading invalid domains into
the domain variable which could lead to dangerous situations, example
with "a@foo.":
>>> email.message_from_string('From:
>>> a@foo.',policy=email.policy.default)['from'].addresses[0].domain
''
In perspective with the new patch proposed by maxking that lets an
invalid domain make it to the domain variable:
>>> email.message_from_string('From:
>>> a@b...@c.com',policy=email.policy.default)['from'].addresses[0].domain
'b...@c.com'
For me maxking's suggestion opens the question of where to draw the
line between invalid domains should be loaded into the domain variable
and what invalid domains should not be loaded into the domain
variable.
Another smaller advantage of of Go's net/mail behaviour is that
results between parseaddr and email are consistently empty strings for
an invalid domain: parseaddr does not seem able to return a list of
defects.
----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue34155>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
