courier: Make procmail's sanitize be more unicode friendly

Sanitize only lets some ascii characters go through, which is very unfriendly to non-ascii usernames. This patch changes it to be more inclusive, and filter out only selected characters that may be problematic for the subprocesses, specially considering UNIX shell environments. It's not meant to catch all possible problems, just help prevent some common ones.
2025-12-23 15:37:01 +00:00 · 2016-07-16 12:05:11 +01:00
parent 724d915e95
commit e32ba1ee86
2 changed files with 39 additions and 4 deletions
--- a/internal/courier/procmail_test.go
+++ b/internal/courier/procmail_test.go
@@ -63,3 +63,32 @@ func TestProcmailBadCommandLine(t *testing.T) {
 		t.Errorf("Unexpected success: %q %v", procmailBin, procmailArgs)
 	}
 }
+
+func TestSanitize(t *testing.T) {
+	cases := []struct{ v, expected string }{
+		// These are the same.
+		{"thisisfine", "thisisfine"},
+		{"ñaca", "ñaca"},
+		{"123-456_789", "123-456_789"},
+		{"123+456~789", "123+456~789"},
+
+		// These have problematic characters that get dropped.
+		{"with spaces", "withspaces"},
+		{"with/slash", "withslash"},
+		{"quote';andsemicolon", "quoteandsemicolon"},
+		{"a;b", "ab"},
+		{`"test"`, "test"},
+
+		// Interesting cases taken from
+		// http://www.user.uni-hannover.de/nhtcapri/bidirectional-text.html
+		// We allow them, they're the same on both sides.
+		{"١٩٩٩–١٢–٣١", "١٩٩٩–١٢–٣١"},
+		{"موزه‌ها", "موزه\u200cها"},
+	}
+	for _, c := range cases {
+		out := sanitizeForProcmail(c.v)
+		if out != c.expected {
+			t.Errorf("%q: expected %q, got %q", c.v, c.expected, out)
+		}
+	}
+}