authorJeff Fearn <jfearn@redhat.com>2021-02-12 11:11:27 +1000
committerJeff Fearn <jfearn@redhat.com>2021-02-12 11:11:27 +1000
commit35d61c4e1d161e6b1569bdcdf7117a852bae6147 (patch)
tree8eff63f704eab2b1423a4c1f16db742f8269f543
parentBug 1923261 - Recursive Action Detection having false positives (diff)
Bug 1866954 - Prevent bug mail being sent to invalid users
Remove X-Bugzilla headers. Redact subject. Change-Id: I9ae859ac684f31ee9e21959bfd6df671f43423c4
-rw-r--r--extensions/SecureMail/Extension.pm16
-rw-r--r--extensions/SecureMail/template/en/default/account/email/encryption-required.txt.tmpl10
2 files changed, 22 insertions, 4 deletions
diff --git a/extensions/SecureMail/Extension.pm b/extensions/SecureMail/Extension.pm
index 46e8e9fde..21e62b0c4 100644
--- a/extensions/SecureMail/Extension.pm
+++ b/extensions/SecureMail/Extension.pm
@@ -655,6 +655,9 @@ sub _add_key {
sub _make_secure {
my ($email, $key, $sanitise_subject, $add_new, $is_whine_email, $user) = @_;
+ ## REDHAT EXTENSION 1866954
+ my $blat_headers = $user->in_group('invalid_account');
+
# Add header showing this email has been secured
$email->header_set('X-Bugzilla-Secure-Email', 'Yes');
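Review bot: `$user->in_group('invalid_account')` is called unconditionally on the added line at the top of `_make_secure`, but `$user` is the last positional argument and nothing visible here guarantees every caller passes it; an undefined `$user` would die at this point instead of securing the mail. If that can happen, choose the default explicitly: `my $blat_headers = !defined $user || $user->in_group('invalid_account');` redacts when the recipient is unknown, while `$user && $user->in_group(...)` would send such mail unredacted. A short comment such as `# Invalid accounts get mail with Subject and X-Bugzilla-* headers stripped` would also explain what the flag name means. The function body continues outside the hunk.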
@@ -800,6 +803,19 @@ sub _make_secure {
$email->header_set('Subject', $subject);
}
+ ## REDHAT EXTENSION START 1866954
+ # Remove confidentail data from headers
+ if ($blat_headers) {
+ $email->header_set('Subject', "[Bug $bug_id] REDACTED MAIL")
+ unless ($sanitise_subject);
+ foreach my $name ($email->header_names) {
+ if ($name =~ m/^X-Bugzilla-/) {
+ $email->header_set($name);
+ }
+ }
+ }
+ ## REDHAT EXTENSION END 1866954
+
return;
}
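Review bot: The header filter `m/^X-Bugzilla-/` in the added loop is case-sensitive, while mail header names are case-insensitive, so a header added elsewhere with different casing (for example a constructed `X-bugzilla-Foo`) would survive and still reach the invalid account; `if ($name =~ m/\AX-Bugzilla-/i) {` closes that gap. The redacted subject interpolates `$bug_id`, which is defined outside this hunk; since the function also takes `$is_whine_email`, mail without a bug id may reach this branch and would get the subject `[Bug ] REDACTED MAIL` plus an uninitialized-value warning, so a guard on `$bug_id` seems worthwhile. The loop also strips the `X-Bugzilla-Secure-Email` header set at the top of the function, and the comment (which misspells "confidential") should say whether that is intended.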
diff --git a/extensions/SecureMail/template/en/default/account/email/encryption-required.txt.tmpl b/extensions/SecureMail/template/en/default/account/email/encryption-required.txt.tmpl
index ad5b8025b..7d9941d32 100644
--- a/extensions/SecureMail/template/en/default/account/email/encryption-required.txt.tmpl
+++ b/extensions/SecureMail/template/en/default/account/email/encryption-required.txt.tmpl
@@ -1,11 +1,13 @@
-[% IF invalid_user %]
-This user is flagged as an invalid account, as such it is not allowed to reieve bug or account related mail from Red Hat Bugzilla.
+[% IF invalid_user %] This user is flagged as an invalid account, as such it is
+not allowed to receive bug or account related mail from Red Hat Bugzilla.
-To start recieving content this account needs to comply with the bot and list policy.
+To start receiving content this account needs to comply with the bot and list
+policy.
https://docs.engineering.redhat.com/display/OMEGA/Bot+&amp;+List+Account+Policy
-Please contact [% maintainer %] if you believe this account is incorectly flagged as invalid.
+Please contact [% maintainer %] if you believe this account is incorrectly
+flagged as invalid.
[% IF bug_id %]
You can see this bug's current state at: