From: Michael M Slusarz <slusarz@curecanti.org>
Date: Thu, 13 Jan 2011 19:03:16 +0000 (-0700)
Subject: Bug #9509: Don't sanitize raw header text
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=b59e7cb786ae90f9d98ef87fd255d02e32f4241c;p=horde.git

Bug #9509: Don't sanitize raw header text
---

diff --git a/framework/Mail/lib/Horde/Mail/Transport.php b/framework/Mail/lib/Horde/Mail/Transport.php
index 4ecfe236c..1b6538ae8 100644
--- a/framework/Mail/lib/Horde/Mail/Transport.php
+++ b/framework/Mail/lib/Horde/Mail/Transport.php
@@ -201,16 +201,19 @@ abstract class Horde_Mail_Transport
      * strings present in a legitimate header's value.  The goal of this
      * filter is to prevent mail injection attacks.
      *
+     * Raw headers are sent as-is.
+     *
      * @param array $headers  The associative array of headers to sanitize.
      *
      * @return array  The sanitized headers.
      */
     protected function _sanitizeHeaders($headers)
     {
-        foreach (array_keys($headers) as $key) {
+        foreach (array_diff(array_keys($headers), array('_raw')) as $key) {
             $headers[$key] = preg_replace('=((<CR>|<LF>|0x0A/%0A|0x0D/%0D|\\n|\\r)\S).*=i', null, $headers[$key]);
         }
 
         return $headers;
     }
+
 }