gh-127794: Validate email header names according to RFC 5322 (#127820)

`email.message.Message` objects now validate header names specified via `__setitem__` or `add_header` according to RFC 5322, §2.2 [1]. In particular, callers should expect a ValueError to be raised for invalid header names. [1]: https://datatracker.ietf.org/doc/html/rfc5322#section-2.2 --------- Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com> Co-authored-by: R. David Murray <rdmurray@bitdance.com>
2025-09-09 18:32:22 +00:00 · 2025-03-30 17:59:29 +05:30 · 2025-03-30 17:59:29 +05:30 · c432d0147b
commit c432d0147b
parent 55150a79ca
5 changed files with 71 additions and 1 deletions
--- a/Lib/email/policy.py
+++ b/Lib/email/policy.py
@ -4,7 +4,13 @@ code that adds all the email6 features.

 import re
 import sys
-from email._policybase import Policy, Compat32, compat32, _extend_docstrings
+from email._policybase import (
+    Compat32,
+    Policy,
+    _extend_docstrings,
+    compat32,
+    validate_header_name
+)
 from email.utils import _has_surrogates
 from email.headerregistry import HeaderRegistry as HeaderRegistry
 from email.contentmanager import raw_data_manager
@ -138,6 +144,7 @@ class EmailPolicy(Policy):
        CR or LF characters.

        """
+        validate_header_name(name)
        if hasattr(value, 'name') and value.name.lower() == name.lower():
            return (name, value)
        if isinstance(value, str) and len(value.splitlines())>1: