summaryrefslogtreecommitdiff
path: root/django/core/mail/message.py
diff options
context:
space:
mode:
Diffstat (limited to 'django/core/mail/message.py')
-rw-r--r--django/core/mail/message.py16
1 files changed, 12 insertions, 4 deletions
diff --git a/django/core/mail/message.py b/django/core/mail/message.py
index 607eb4af0b..963542cd62 100644
--- a/django/core/mail/message.py
+++ b/django/core/mail/message.py
@@ -10,7 +10,7 @@ from email.mime.base import MIMEBase
from email.mime.message import MIMEMessage
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
-from email.utils import formatdate, getaddresses, make_msgid
+from email.utils import formataddr, formatdate, getaddresses, make_msgid
from io import BytesIO, StringIO
from pathlib import Path
@@ -96,16 +96,24 @@ def sanitize_address(addr, encoding):
nm, address = addr
localpart, domain = address.rsplit('@', 1)
- nm = Header(nm, encoding).encode()
+ address_parts = nm + localpart + domain
+ if '\n' in address_parts or '\r' in address_parts:
+ raise ValueError('Invalid address; address parts cannot contain newlines.')
+
# Avoid UTF-8 encode, if it's possible.
try:
+ nm.encode('ascii')
+ nm = Header(nm).encode()
+ except UnicodeEncodeError:
+ nm = Header(nm, encoding).encode()
+ try:
localpart.encode('ascii')
except UnicodeEncodeError:
localpart = Header(localpart, encoding).encode()
domain = punycode(domain)
- parsed_address = Address(nm, username=localpart, domain=domain)
- return str(parsed_address)
+ parsed_address = Address(username=localpart, domain=domain)
+ return formataddr((nm, parsed_address.addr_spec))
class MIMEMixin:
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 02:55:35 +0000