Thank you Rodrigo. I'd like to suggest the Rails core team to provide a safer way to send e-mails to named recipients in a safer way... :-)
On Tuesday, December 8, 2015 at 7:36:34 AM UTC-6, Rodrigo Rosenfeld Rosas wrote: > > May I suggest you something in an attempt to try to make the > communication more efficient? > > This is how I'd write your request in a shorter way: > > Currently, Rails recommends in its guide to interpolate the name when > sending e-mails with names: > > > http://guides.rubyonrails.org/action_mailer_basics.html#sending-email-with-name > > > email_with_name = %("#{@user.name}" <#{@user.email}>) > > This approach is fragile because the interpolated value is not escaped, > which could break the code or deliver to multiple recipients if > exploited properly. > > I'd like to suggest the Rails core team to provide a safer way to send > e-mails to named recipients in a safer way. > > -- > > StackOverflow and the excess of formatting will probably make lots of > subscribers to this list simply skip this thread... Anyway, this is just > a suggestion... > > Best, > Rodrigo. > -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/rubyonrails-core. For more options, visit https://groups.google.com/d/optout.
