add List-Unsubscribe-Post header. Block alias directly if POST, otherwise ask user confirmation.

Son NK 2019-11-20 19:18:24 +01:00
parent cb14277bc7
commit 837e1ffcf6
4 changed files with 44 additions and 10 deletions


@ -250,7 +250,7 @@
$(".trigger-email").on("click", function (e) {
notie.confirm({
text: "SimpleLogin server will send an email to this alias and it should arrive to your inbox, please confirm",
text: "SimpleLogin server will send an email to this alias and it should arrive to your inbox, please confirm",
cancelCallback: () => {
// nothing to do
},
@ -264,9 +264,9 @@
var message = "";
if (e.target.checked) {
message = `After this, you will start receiving email sent to this email address, please confirm`;
message = `After this, you will start receiving email sent to this alias, please confirm`;
} else {
message = `After this, you will stop receiving email sent to this email address, please confirm`;
message = `After this, you will stop receiving email sent to this alias, please confirm`;
}
notie.confirm({


@ -0,0 +1,28 @@
{% extends 'default.html' %}
{% set active_page = "dashboard" %}
{% block title %}
Block an alias
{% endblock %}
{% block default_content %}
<div class="col-md-8 offset-md-2 text-center">
<h1 class="h3">
Block alias
</h1>
<p>
You are about to block the alias <a href="mailto:{{alias}}">{{alias}}</a>
</p>
<p>
After this, you will stop receiving all emails sent to this alias, please confirm
</p>
<form method="post">
<button class="btn btn-warning">Confirm</button>
</form>
</div>
{% endblock %}
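Review bot: The confirm form at `<form method="post">` has no CSRF token field, yet the POST it submits changes state under the user's session by disabling the alias. Whether the app enables CSRF protection globally is not visible on this page. If it uses Flask-WTF's `CSRFProtect`, the form needs `<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">` inside it, otherwise the submit is rejected. If no such protection is in place, the confirmation step can be bypassed by a cross-site form post, so the token is worth adding either way.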


@ -2,7 +2,7 @@
Allow user to "unsubscribe", aka block an email alias
"""
from flask import redirect, url_for, flash
from flask import redirect, url_for, flash, request, render_template
from flask_login import login_required, current_user
from app.dashboard.base import dashboard_bp
@ -11,7 +11,7 @@ from app.extensions import db
from app.models import GenEmail
@dashboard_bp.route("/unsubscribe/<gen_email_id>", methods=["GET"])
@dashboard_bp.route("/unsubscribe/<gen_email_id>", methods=["GET", "POST"])
@login_required
def unsubscribe(gen_email_id):
gen_email = GenEmail.get(gen_email_id)
@ -26,9 +26,13 @@ def unsubscribe(gen_email_id):
)
return redirect(url_for("dashboard.index"))
gen_email.enabled = False
flash(f"Alias {gen_email.email} has been blocked", "success")
db.session.commit()
# automatic unsubscribe, according to https://tools.ietf.org/html/rfc8058
if request.method == "POST":
gen_email.enabled = False
flash(f"Alias {gen_email.email} has been blocked", "success")
db.session.commit()
notify_admin(f"User {current_user.email} has unsubscribed an alias")
return redirect(url_for("dashboard.index"))
notify_admin(f"User {current_user.email} has unsubscribed an alias")
return redirect(url_for("dashboard.index"))
else: # ask user confirmation
return render_template("dashboard/unsubscribe.html", alias=gen_email.email)
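Review bot: The `request.method == "POST"` branch is still behind `@login_required`, but RFC 8058 requires the one-click POST to be sent without cookies or other credentials, so a mailbox provider's request would presumably be redirected to login and the alias never blocked. The link built in the mail handler identifies the alias only by `gen_email.id`, whereas RFC 8058 asks for the URI to carry a hard-to-forge component. Consider a separate unauthenticated one-click route that authorises the request by a random or signed per-alias token in the URL, keeping this session-protected view for the browser confirmation. Until then, a comment such as `# RFC 8058 one-click POSTs carry no session; this branch only serves the logged-in confirm form` would document the limit. The lines between `GenEmail.get(gen_email_id)` and this branch are outside the visible hunks, so I am assuming the ownership check lives there.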


@ -161,6 +161,7 @@ class MailHandler:
# add List-Unsubscribe header
unsubscribe_link = f"{URL}/dashboard/unsubscribe/{gen_email.id}"
add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
add_or_replace_header(msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click")
original_subject = msg["Subject"]
LOG.d(
@ -201,6 +202,7 @@ class MailHandler:
# add List-Unsubscribe header
unsubscribe_link = f"{URL}/dashboard/unsubscribe/{forward_email.gen_email_id}"
add_or_replace_header(msg, "List-Unsubscribe", f"<{unsubscribe_link}>")
add_or_replace_header(msg, "List-Unsubscribe-Post", "List-Unsubscribe=One-Click")
LOG.d(
"send email from %s to %s, mail_options:%s,rcpt_options:%s",