feat: apply markdown rendering to HITL email, sanitize email subject and body (#32305)

This PR: 1. Fixes the bug that email body of `HumanInput` node are sent as-is, without markdown rendering or sanitization 2. Applies HTML sanitization to email subject and body 3. Removes `\r` and `\n` from email subject to prevent SMTP header injection Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: QuantumGhost <obelisk.reg+git@gmail.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-03-19 05:37:42 +08:00 · 2026-03-16 16:52:46 +08:00
parent 4822d550b6
commit 57d476d4e2
8 changed files with 229 additions and 9 deletions
--- a/api/tasks/mail_human_input_delivery_task.py
+++ b/api/tasks/mail_human_input_delivery_task.py
@ -111,7 +111,7 @@ def _render_body(
        url=form_link,
        variable_pool=variable_pool,
    )
-    return body
+    return EmailDeliveryConfig.render_markdown_body(body)


 def _load_variable_pool(workflow_run_id: str | None) -> VariablePool | None:
@ -173,10 +173,11 @@ def dispatch_human_input_email_task(form_id: str, node_title: str | None = None,
            for recipient in job.recipients:
                form_link = _build_form_link(recipient.token)
                body = _render_body(job.body, form_link, variable_pool=variable_pool)
+                subject = EmailDeliveryConfig.sanitize_subject(job.subject)

                mail.send(
                    to=recipient.email,
-                    subject=job.subject,
+                    subject=subject,
                    html=body,
                )