In ASP.NET I am sending a MailMessage but it won't go through. The code I am using is
message.To.Add(email1 + ", " + email2 + ", " + email3);
When I do this I never receive my mail. However if I use this code:
message.To.Add(email1 + ", " + email2);
It sends just fine every time. Anybody know what is going on here? All 3 emails are the same (for testing purposes) and have been verified to be correct while debugging. I tried inserting a different email address for the third and still nothing went through. I may be missing something obvious...
EDIT:
Everyone is telling me to add them individually which may well be good advice if everyone agrees upon it. The reason I didn't do this previously and I just tried it again with three seperate addresses and none of them were sent. Maybe I have another issue entirely if that is supposed to work?
EDIT: For anyone with the same problem in the future here is what I did. When creating the MailMessage I didn't create it with any parameters and instead specified the From parameter seperately. I wrapped the From and all To emails in new MailAddress() and the combination of all those changes appeared to work.
Just call Add multiple times.
The To property of MailMessage is a collection, so you should call
message.To.Add 3 times if want to send to 3 email addresses.
Instead of contencating mail addressed into a single Add statement, you should be adding them one at a time:
message.To.Add(email1);
message.To.Add(email2);
message.To.Add(email3);
Since you're adding to a collection.
Also, if the addresses are the same, the function usually doesn't add it twice in my experience. This may be a behavior of the Mailmessage.To.Add function, or it could be that when it gets to me Outlook has stripped out duplicates, but it looks to me like it filters out duplicates. You may be seeing the same on your system.
Try
message.to.add(email1);
message.to.add(email2);
message.to.add(email3);
message.to.add(email4);
Hope this helps
Harvey Sather
I store message recipients in the web.config file and then handle it like this
string lstrDistributitionList = ConfigurationSettings.AppSettings["SMTP_DISTRIBUTION_LIST"];
string[] lastrDistributitionList = lstrDistributitionList.Split(';');
for (Int32 loopCounter = 0; loopCounter < lastrDistributitionList.Length; loopCounter++)
{
msg.To.Add(lastrDistributitionList[loopCounter]);
}
Harvey Sather
Related
I have a script which sets up rules on users' outlooks which autoforward their emails to marked recipients, should they be out of the office.
I wish to alter the subject before sending, ideally prefixing it with "AUTFORWARD: The subject".
I cannot see how to do this, if it is possible at all.
Dim oRule As New Rule()
oRule.DisplayName = "Forwarder"
oRule.Actions.ForwardToRecipients.Add("me#address.com")
Dim oCreateNewRule As New CreateRuleOperation(oRule)
oExchangeService.UpdateInboxRules(New RuleOperation() {oCreateNewRule}, True)
oCreateNewRule = Nothing
oRule = Nothing
There is no Action in EWS that will allow you to set the subject with a Rule (or any property other then the importance or categories). You could look at using a Transport Rule instead which allows a lot more Actions http://technet.microsoft.com/en-us/library/aa998315(v=exchg.150).aspx. Eg one thing you can do with a Transport Rule is detect if a message is AutoForwarded using the conditions and then use the prepend subject action to achieve what you want. The only problem with this is it would affect all users who are forwarding messages which may or may not be a problem. Other then that you could write a Transport Agent which would give you full flexibility.
Cheers
Glen
Does JMail accepts delimiter(;) or comma(,) as a separator between different email address like CDO.Message.
For example, we can write,
Mail.To="a#a.com,b#b.com" in CDO.Message.
Does the same is valid for JMAIL like the one below.
jMail.AddRecipient ("a#a.com,b#b.com")
I know we can add multiple recipients by calling the AddRecipient again and again but my question is can we do it in a single line like in CDO.Message?
yes you can add multiple recipients by calling the AddRecipient
Yes, you can.
I spent some time figuring this out as well. I tried the recommended array() of recipients but that did not seem to work. The only thing which worked for me so far was a properly formatted multiple recipient string:
$jmail->addRecipient('recipient1#site.com','recipient2#site.com','recipient3#site.com');
Please note the ["] markup. If you replace the ["] with ['] it will not work. It's little "delicate" this way :)
I am using jMail with PHP/COM extension but I am sure you can reuse this principle for ASP or any other language.
I hope this helped.
We did a Fortify scan on our ASP.net application. We found that there many header manipulation issues. All the issues are pointing to Response.Redirect(). Please have a look at the below code where I encoded the parameters. Even then the below code is counted as header manipulation issue.
int iCount = 0;
foreach (string Name in Request.QueryString.Keys)
{
iCount++;
if (iCount > 1)
{
url += "&";
}
url += Name;
if (Request.Params[Name]!=null)
{
url += "=" + AntiXss.UrlEncode(Request.Params[Name]);
}
}
Response.redirect(Server.UrlPathEncode(page.root) + "\Test.aspx?" + url);
Can some body let me know what else is required to change here to resolve the issue?
Take off the Server.UrlPathEncode(page.root) portion and use Server.Transfer() instead of Response.Redirect().
Server.Transfer() transfers the user to another page on the same site and poses little to no danger of accidentally directing someone to another site.
Response.Redirect() is good for when you want to redirect someone to another site.
Also, Fortify doesn't tend to like Request.Params[] due to its possible ambiguity. A careful attacker may be able, on some servers, to send a UTF-7 or non-printing version of a name as one of the request variables and let the name of the variable contain the actual XSS injection, or overwrite the GET-request value with a cookie of the same name. Make sure both the name and value are htmlencoded, and consider using Request.QueryString[parametername] instead of Request.Params[parametername] to avoid more issues with Fortify.
Hopefully this gets you past your Fortify issues!
It appears that Fortify percieves Name as user defined and that will triger "Manupulation" error. If it's true try to use predefined list if possible.
This is all internal servers and software, so I'm very limited on my options, but this is where I'm at. This is already a band-aid to a workaround but I have no choice, so I'm just trying to make it work.
I have a simple .asp file on my server that is protected by a service that will handle the user authentication (I have no control over this service). When a user goes to this .asp file, it requires them to authenticate via the service, and the service then redirects them to the .asp.
The service is inserting custom values in to the http header that allow me to identify who has logged in (I need it further down the line). When I use the asp to view the ALL_RAW and ALL_HTTP values from the header, I can see all the custom values. But when I try to call these values specifically I get nothing.
I ran this simple loop:
<%
for each x in Request.ServerVariables
response.write("<B>" & x & ":</b> " & Request.ServerVariables(x) & "<p />")
next
%>
and all the keys display including the custom ones. But none of the custom values will. The values are the part I need.
the only thing I can find unique about the custom values is that they look slightly different in the ALL_RAW value, but they all look correct in the ALL_HTTP. As best I can tell, they are formatted correctly. the only formatting differences between the standard and custom values are case and underscores instead of hyphens.
Why can I not read these custom values?
I found my answer.
When I ran this loop
<%
for each x in Request.ServerVariables
response.write("<B>" & x & ":</b> " & Request.ServerVariables(x) & "<p />")
next
%>
it would return a list of all the names that were in the header and their values. The custom value I was looking for would show as name "HTTP_CUSTOM_ID" and I could see it, with it's value in the ALL_HTTP and ALL_RAW, but when I tried to pull that specific value, it would return an empty string. The solution I stumbled on (by talking to someone else here at work who had gone through a similar situation with the same service I was trying to accommodate is to use:
<%=Request.ServerVariables("HEADER_CUSTOM_ID")%>
When viewing the full header, nothing led me to use the HEADER prefix instead of the HTTP, in fact, it led me opposite. And I never found any mention of this anywhere searching online either. So I'm posting my own answer to my question here so it is on the web.
For the sake of expedience, why not just parse Request.ServerVariables("ALL_RAW") yourself?
There is a better way than parsing each item yourself. Look at the values in Request.ServerVariables("ALL_HTTP") and find the header you need but named a bit different.
All HTTP headers start with HTTP_. I was looking for If-None-Match and it was in the collection as HTTP_IF_NONE_MATCH. To get the value I used Request.ServerVariables("HTTP_IF_NONE_MATCH").
I think it's possible with jQuery, but any ASP.NET serverside code is good for my situation too.
With jQuery I can load a page to for example a div, and filter the div for <title> tag, but I think for heavy pages, it is not good to first read all of the content and then read the title tag..
or maybe it has a very simple solution? anyways I couldnt find anything about that from internet.
thanks
okay thanks to cjjer and Boo, I've just read more about regex and finally the code below is working for me.
Dim qq As New System.Net.WebClient
Dim theuri As New Uri(TextBox1.Text)
Dim res As String = qq.DownloadString(theuri)
Dim re As Regex = New Regex("<title\b[^>]*>(.*?)</title>", RegexOptions.Singleline)
Dim ma As Match = re.Match(res)
If Not ma Is Nothing And ma.Success Then
Response.Write(ma.Groups(1).Value.ToString())
Else
Response.Write("error")
End If
but anyways, the problem remains, this code is downloading the whole page and seeking through it, which one heavy websites it took more than 2 or 3 secconds to complete, but seems it is the only way as far as I know :|
Is there any suggestions to refine this code?
cjjer almost got it right.
First, change the regex to: <title>(?<Content>.*?)?</title>
Second, you need to create a match object first (just in case your URI does not have a title).
Match tMatch = new RegEx(#"<title>(?<Content>.*?)?</title>").Match(new System.Net.WebClient().DownloadString(url));
if ((null != tMatch) && (tMatch.IsSuccess)) {
// yay.
title = tMatch.Groups("Content").value;
}
Titles usually appear within the first few hundred bytes, so you could try a range request for the first 1KiB or so, try parsing that (with an error-correcting parser, since some closing tags will be missing) and if that fails fall back to loading the whole page.
It would be security risk for you to load any other web page into yours, just for title read... You should do this with server side scripting (asp.net, php, ...) and just output the title to your web page. Thing of some kind of caching because it is seamless to fetch titles on every request.
There is no simple clean way to retrieve an external page's title. You could do it server side using a WebClient and parsing the response.
However it may be worth reviewing the requirement, is it really necessary, how much extra traffic and latency is it going to generate. Consider also that you could be generating load on the external site which is unaware all you want is a title, the page creation may be quite expensive.
string title=Regex.Match(new System.Net.WebClient().DownloadString(url),(#"<title>(.*?)</title>"))[0].Groups[1].ToString();
try.i am not sure.
I am not sure whether all servers support this.
See, if this helps
char[] data = new char[299];
System.Net.HttpWebRequest wr =(HttpWebRequest)WebRequest.Create("http://www.yahoo.com");
wr.AddRange("bytes", 0, 299);
HttpWebResponse wre = (HttpWebResponse)wr.GetResponse();
StreamReader sr = new StreamReader(wre.GetResponseStream());
sr.Read(data, 0, 299);
Console.WriteLine((data));
sr.Close();
EDIT: Try checking with some network monitoring tool to find out what is the text that servers send out. I used fiddler to see the output & wrote it to console.
EDIT2: I am assuming the title to be in the beginning of the page.