4eadb91a64
- Added rate limiting for outbound email sends to prevent abuse, implemented in `internal/api/mail/sendguard`. - Introduced idempotency key support for email sending to avoid duplicate submissions. - Enhanced attachment handling with new limits and validation in `internal/api/mail/limits`. - Updated outbox processing to include retry logic and circuit breaker for SMTP failures. - Improved HTML sanitization for email content to enhance security. - Added unit tests for new features, ensuring robust functionality and error handling. - Updated configuration options in `.env.example` for new mail settings.
29 lines
490 B
Go
29 lines
490 B
Go
package mail
|
|
|
|
import (
|
|
"strings"
|
|
"unicode"
|
|
)
|
|
|
|
const (
|
|
maxIdempotencyKeyLen = 128
|
|
minIdempotencyKeyLen = 8
|
|
)
|
|
|
|
func normalizeIdempotencyKey(raw string) (string, bool) {
|
|
key := strings.TrimSpace(raw)
|
|
if key == "" {
|
|
return "", true
|
|
}
|
|
if len(key) < minIdempotencyKeyLen || len(key) > maxIdempotencyKeyLen {
|
|
return "", false
|
|
}
|
|
for _, r := range key {
|
|
if unicode.IsLetter(r) || unicode.IsDigit(r) || r == '-' || r == '_' {
|
|
continue
|
|
}
|
|
return "", false
|
|
}
|
|
return key, true
|
|
}
|