不知 MailMessage 类从电子邮件注射。例如,将它们传递给它的构造之前,我应该检查值:
MailMessage消息=新MailMessage(fromTextBox.Text,toTextBox.Text);
解决方案
在 MailAddress
类检查其免受RFC822完整BNF语法地址。 (请参阅 MailBnfHelper
)。
有注射用 MailMessage
S当没有风险。 (除HTML注入在自己的内容)
I wonder if MailMessage class is protected from e-mail injection. For example, should I check values before passing them to its constructor:
MailMessage message = new MailMessage(fromTextBox.Text, toTextBox.Text);
解决方案
The MailAddress
class checks its addresses against the full BNF grammar from RFC822. (See MailBnfHelper
).
There is no risk of injection when using MailMessage
s. (Except HTML injection in your own content)