rodrigo/iachat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
d272a64ff7
iachat/app
History
Sojan Jose d272a64ff7
fix(mailbox): handle malformed sender address headers (#13486) 
## How to reproduce
When an inbound email has malformed sender headers (for example `From:
McDonald <info@example.com` without a closing `>`), mailbox
processing can raise `Mail::Field::IncompleteParseError` while resolving
sender data in `MailPresenter`.

## What changed
This PR hardens sender parsing in `MailPresenter` with a small, readable
implementation:
- Added/used a safe parser (`parse_mail_address`) that rescues
`Mail::Field::ParseError` and `Mail::Field::IncompleteParseError`.
- `sender_name` now uses the same safe parser path.
- `original_sender` now resolves candidates in order via a compact
`filter_map` flow:
  - `Reply-To`
  - `X-Original-Sender`
  - `From`
- All three candidates are parsed as email addresses before use
(including `X-Original-Sender`), and invalid values are ignored.
- `notification_email_from_chatwoot?` now compares sender addresses
case-insensitively (`casecmp?`) to avoid case-only mismatches.

## Test coverage
Added focused presenter specs for:
- malformed `From` header returns nil sender values and does not
classify as notification sender
- malformed `Reply-To` falls back to valid `From`
- valid `X-Original-Sender` is used when present
- invalid `X-Original-Sender` falls back to valid `From`
- mixed-case sender address still matches configured
`MAILER_SENDER_EMAIL`

## How this was tested
Ran:
- `bundle exec rspec spec/presenters/mail_presenter_spec.rb`
- `bundle exec rubocop app/presenters/mail_presenter.rb
spec/presenters/mail_presenter_spec.rb`

Sentry issue:
[CHATWOOT-B9Y](https://chatwoot-p3.sentry.io/issues/7005483640/)
2026-02-11 11:02:38 -08:00
..
actions fix: Disable enqueueing Avatar jobs if the URL is invalid (#12035) 2025-07-24 12:56:39 +04:00
assets feat: Hide installation identifier (#11722) 2025-06-17 15:45:40 -07:00
builders feat: Add standalone outgoing messages count API endpoint (#13419) 2026-02-04 19:36:50 +05:30
channels fix: Move contact events to account stream rather than individual user stream (#11082) 2025-03-13 17:46:48 -07:00
controllers fix: disable email transcript for free plans (#13509) 2026-02-11 21:21:36 +05:30
dashboards feat: Auto confirm user email when super admin make changes (#12418) 2025-09-23 20:14:02 +05:30
dispatchers feat(ee): Add Captain features (#10665) 2025-01-14 16:15:47 -08:00
drops feat: Add the support for custom attributes in message variables (#8511) 2023-12-08 14:13:35 -08:00
fields chore: improve plan-based feature handling with plan hierarchy (#11335) 2025-04-28 14:13:56 -07:00
finders feat: add SKIP_INCOMING_BCC_PROCESSING as internal config (#12484) 2025-09-22 17:52:56 +05:30
helpers feat: new Captain Editor (#13235) 2026-01-21 13:39:07 +05:30
javascript fix: V2 Assignment service enhancements (#13036) 2026-02-11 12:24:45 +05:30
jobs fix: handle 404 errors gracefully in avatar download job (#13491) 2026-02-09 13:27:23 +05:30
listeners fix: prevent deserialization error on deletion (#13264) 2026-01-14 18:00:12 +05:30
mailboxes refactor: strategy pattern for mailbox conversation finding (#12766) 2025-11-10 20:47:18 +05:30
mailers feat: add per-account daily rate limit for outbound emails (#13411) 2026-02-03 02:06:51 +05:30
models fix: disable email transcript for free plans (#13509) 2026-02-11 21:21:36 +05:30
policies feat: new Captain Editor (#13235) 2026-01-21 13:39:07 +05:30
presenters fix(mailbox): handle malformed sender address headers (#13486) 2026-02-11 11:02:38 -08:00
services fix: disable email transcript for free plans (#13509) 2026-02-11 21:21:36 +05:30
views feat: Add infinite scroll to contacts search page (#13376) 2026-01-27 18:55:19 -08:00