Skip to content

Commit a069c88

Browse files
WebklexWebklex
committed
Potential header overwriting through header extensions Webklex#35 
1 parent 881ae21 commit a069c88

File tree

2 files changed

+11
-3
lines changed

2 files changed

+11
-3
lines changed

CHANGELOG.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,13 +7,15 @@ Updates should follow the [Keep a CHANGELOG](http://keepachangelog.com/) princip
77
## [UNRELEASED]
88
### Fixed
99
- Text/Html body fetched as attachment if subtype is null #34
10+
- Potential header overwriting through header extensions #35
1011

1112
### Added
1213
- NaN
1314

1415
### Affected Classes
1516
- [Message::class](src/Message.php)
1617
- [Part::class](src/Part.php)
18+
- [Header::class](src/Header.php)
1719

1820
### Breaking changes
1921
- NaN

src/Header.php

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -528,9 +528,15 @@ private function extractHeaderExtensions(){
528528
foreach($extensions as $extension) {
529529
if (($pos = strpos($extension, "=")) !== false){
530530
$key = substr($extension, 0, $pos);
531-
$value = substr($extension, $pos + 1);
532-
$value = str_replace('"', "", $value);
533-
$this->attributes[trim(rtrim(strtolower($key)))] = trim(rtrim($value));
531+
$key = trim(rtrim(strtolower($key)));
532+
533+
if (isset($this->attributes[$key]) === false) {
534+
$value = substr($extension, $pos + 1);
535+
$value = str_replace('"', "", $value);
536+
$value = trim(rtrim($value));
537+
538+
$this->attributes[$key] = $value;
539+
}
534540
}
535541
}
536542
}

0 commit comments

Comments
 (0)