From 4f5cb0974ef4a776c43893658fc6e779468bc3b6 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Thu, 26 Aug 2021 15:11:35 +0000 Subject: [PATCH] Make sure HTTP header only contains ASCII --- core/admin/mailu/internal/views/auth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/admin/mailu/internal/views/auth.py b/core/admin/mailu/internal/views/auth.py index 2baeddce..9c3e6a85 100644 --- a/core/admin/mailu/internal/views/auth.py +++ b/core/admin/mailu/internal/views/auth.py @@ -50,7 +50,7 @@ def user_authentication(): if (not flask_login.current_user.is_anonymous and flask_login.current_user.enabled): response = flask.Response() - response.headers["X-User"] = flask_login.current_user.get_id() + response.headers["X-User"] = models.IdnaEmail.process_bind_param(flask_login, flask_login.current_user.get_id(), "") response.headers["X-User-Token"] = models.User.get_temp_token(flask_login.current_user.get_id()) return response return flask.abort(403)