Closed dorongutman closed 7 years ago
@dorongutman there's no way of doing that and it should be fixed.
I thought it was written this way intentionally, as a preventive measure to not spoil email with strange headers accidentally. You may find soft restriction for headers parameter in Mandrill API docs:
headers – optional extra headers to add to the message (most headers are allowed)
https://mandrillapp.com/api/docs/messages.ruby.html#method=send
Pay attention to the words in brackets: "most headers are allowed". Looks like not all headers are allowed and it's reasonable from security prospective.
Anyway it will be nice to have ability to process custom headers if Mandrill accepts them.
@Tensho if most headers are allowed why do you want to block all of them ? if I choose to use a header that mandrill denies - I'll deal with it. but preventing me from passing any non-system header is bad
@dorongutman, that's not me, but author's decision ^_^* as I said it will be nice to have such option. I just wanted to try reveal the initial intention.
Maybe if you need some custom header for own purposes, you probably need to use Mandrill's Custom Metadata by design.
I'm happy to make PR for this, but first I need to know author's intention. I'm not an expert in Mandrill and I guess @kshnurov and @spovich know more than me.
Mandrill won't allow any harmful headers as they say, so PRs are welcome.
According to https://github.com/spovich/mandrill_dm/blob/master/lib/mandrill_dm/message.rb#L60 and https://github.com/spovich/mandrill_dm/blob/master/lib/mandrill_dm/message.rb#L219 this lib strips any headers not in this list, and my custom headers I put on mail[:headers] doesn't arrive to mandrill