In my application I have set an xss filter rule like below.
xss.filter.rule.alert=(?i)alert
But if I enter an email address with the string 'alert' in it, the alert is getting stripped.
for example myname#alerttext.com is being stripped to myname#text.com.
How can i exclude 'alert' text if it is part of a email address.
Related
I have a requirement to mask user IDs in log files if the user ID is an email address. I can't access the code to the software we are using, so logback.xml is the only option I have to try and mask the e-mail address -- they want user1234#mycompany.org to show up as u******4#mycompany.org, so they can still search the logs if they need to find entries for someone. To complicate matters, there are other outputs to the logs that have the pattern something#something.com that aren't user IDs, so I need to find some keywords ahead of the e-mail address. Here are a couple of examples:
Initiating save of object; type: [User], id: [steven#verizon.net]
Cleaning user record; user: [steven#verizon.net]
And to further complicate things.... they also want to mask the E-mail in rest calls:
Request ended; method: [POST], uri: [/api/v2/token/validate?aid=web_demo&uid=steven%40verizon.net]
I've been trying to get something like this to work, capturing the strings that should prefix an email address or user ID, but I'm banging my head against the wall...
<maskRegex>(?:"user: ["|"[User], id: ["|"uid ["|"savedUser: "|"email_address"|"user"|"uid")\([a-zA-Z0-9]{1}([a-zA-Z0-9\+\.\_\-]{1,128}).#.*)"</maskRegex>
<maskRegex>(?:user: [|[User], id: [|uid [|savedUser: |email_address|user:|uid:)([a-zA-Z0-9]{1}([a-zA-Z0-9\+\.\_\-]{1,128}).#.*)</maskRegex>
I use - is_valid = validate_email(e) for validating email. It can detect if '#' is not present or some more but not providing whether the email entered is active now. AND I used sendmail for sending email. I used try except block. Mail is sending but sometimes try code running and someother times except block is running. How to avoid this abnormal behaviour.
if i correctly understand your question..
There is an option called emailfield in djangoforms.it will show validation error if # is not present.
field_name = forms.EmailField(**options)
Here, I am trying to store email address in cookie to autocomplete the email box as per last logged in user.
Rails Controller Code :-
cookies[:email] = { :value => user_email, :expires => 7.days.from_now }
For example - admin#example.com is the email address while inspecting the email address in cookie using debugger.
Its show
admin%40example.com
By using JS I tried to retrieve the email address from cookie, now in input box it show
admin%40example.com
Please suggest how to escape this symbol conversion. Thanks
%40 is encoded form of #
I you are trying autocomplete the email address from jQuery, you can use this plain javascript function to decode it:
var cookieEmail = decodeURIComponent('admin%40example.com')
$('#emailBox').val(cookieEmail)
(#emailBox is id assigned to the html element of your email input .)
I had email source with me and want parse original recipient of email.
Lets say "user1#test.com" is receiving a email, but in "To" list user1#test.com, user2#test.com & user3#test.com are mentioned. I want to get only user1 from email source.
In initial analysis, email from mdeamon server contains "X-MDaemon-Deliver-To:" tag. Similarly email from Devcot mail server contains "Delivered-To:". But not getting generic parsing logic to get original email recipient.
How I can parse email to get original recipient of an email?
The best way to get this information is probably to parse the Received headers to see who the message was delivered for. In other words, look for a Received header that has a for token followed by x#x.com (where x#x.com will be the recipient).
I have an email address "myaddress#gmail.com". I have created a django form that has a text field and a button. I want to redirect anyone who types a message in the text box to their respective emails so that they can send the message they typed to "my address". This means that as they log in to their email accounts, their message boxes should already be filled with the message they typed and the receiver field should already have "myaddress#gmail.com". The problem is how to redirect the users to their email accounts and prefill the specified fields.
Can anyone help me please?
If the user has set a default email program, most of them will be triggered on mailto:. I know gmail works with mailto: as well, and its possible that other web email services might. All desktop email clients - again only if it is set as the default email program will work on mailto:
The format is:
mailto:[emailaddress]?header=value&header1=value1....&headerN=valueN
Here is an example that sets the subject of the email automatically:
Email me