
feat: apply markdown rendering to HITL email, sanitize email subject and body#32305

Merged
QuantumGhost merged 27 commits into langgenius:main from Blackoutta:feature/add-email-sanitization
Mar 16, 2026

Conversation

@Blackoutta Blackoutta commented Feb 13, 2026

Fixes #32304
Fixes #33513

Summary

  • Add NH3-based sanitization for human-input email HTML with strict/balanced/free profiles.
  • Apply sanitization in both test-send and background mail task paths.
  • Harden subject handling by stripping ASCII control characters (except tab).
  • Add unit tests for sanitizer behavior and update mail config docs.
  • Dependency: nh3~=0.3.2.

Checklist

  • This change requires a documentation update, included: Dify Document
  • I understand that this PR may be closed in case there was no previous discussion or issues. (This doesn't apply to typos!)
  • I've added a test for each change that was introduced, and I tried as much as possible to make a single atomic change.
  • I've updated the documentation accordingly.
  • I ran make lint and make type-check (backend) and cd web && npx lint-staged (frontend) to appease the lint gods
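As an added example (not the PR's own code), the subject-hardening half of the change in plain Python: strip ASCII control characters except tab, plus a defender-side helper that reports which header field names a raw subject would have smuggled in, so the attempt can be logged before it is neutralised. The function names and the detection helper are mine; the PR's HTML cleaning is delegated to nh3 and is not reproduced here.

```python
import re

# ASCII control characters 0x00-0x1F and DEL (0x7F), minus TAB (0x09).
# Mirrors the PR summary: "stripping ASCII control characters (except tab)".
_ASCII_CONTROL_EXCEPT_TAB = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")

# An RFC 5322 header field name is printable US-ASCII without ':' and is
# immediately followed by ':'.  Used only by the detection helper below.
_HEADER_FIELD = re.compile(r"^([!-9;-~]+):")


def sanitize_email_subject(subject: str) -> str:
    """Return the subject with ASCII control characters removed (tab kept).

    CR and LF are the ones that matter for security: a raw CRLF inside a
    user-controlled subject terminates the Subject: field, and anything after
    it is read as further headers (SMTP/MIME header injection).  Tab survives
    because RFC 5322 allows it as folding whitespace inside a header value.
    Non-ASCII text is left alone; encoding it is the job of RFC 2047 header
    encoding in the mail layer, not of this filter.
    """
    return _ASCII_CONTROL_EXCEPT_TAB.sub("", subject)


def smuggled_header_names(raw_subject: str) -> list[str]:
    """Detection counterpart (hypothetical helper, not in the PR): the header
    field names a raw subject would inject if sent unsanitized.

    Call this on the value *before* sanitizing it, so the attempt can be
    logged or alerted on instead of being silently neutralised.
    """
    lines = re.split(r"\r\n|\r|\n", raw_subject)
    found = []
    for line in lines[1:]:  # the first line is the legitimate subject text
        match = _HEADER_FIELD.match(line)
        if match:
            found.append(match.group(1))
    return found


if __name__ == "__main__":
    # Constructed sample: a subject that tries to append a Bcc header.
    hostile = "Invoice ready\r\nBcc: someone@example.invalid"
    print(smuggled_header_names(hostile))        # ['Bcc']
    print(repr(sanitize_email_subject(hostile)))  # one header line remains
```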

@dosubot dosubot Bot added size:L This PR changes 100-499 lines, ignoring generated files. 💪 enhancement New feature or request labels Feb 13, 2026
@gemini-code-assist

Summary of Changes

Hello @Blackoutta, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the security posture of outbound emails by integrating robust HTML and subject sanitization. It addresses potential vulnerabilities arising from untrusted HTML content in emails by introducing configurable sanitization profiles, ensuring that only safe and intended elements are delivered to recipients. This change improves the integrity and safety of email communications within the system.

Highlights

  • Email HTML Sanitization: Introduced NH3-based HTML sanitization for outbound emails, offering 'strict', 'balanced', and 'free' profiles to control allowed tags, attributes, and URL schemes.
  • Subject Hardening: Implemented email subject hardening by stripping most ASCII control characters (except tab) to prevent injection attacks.
  • Sanitization Application: Applied both HTML and subject sanitization to email content in test-send functionality and background mail tasks, ensuring consistent security.
  • New Dependency & Configuration: Added nh3~=0.3.2 as a new dependency and introduced the MAIL_HTML_SANITIZER_PROFILE configuration option in environment files and Docker Compose.
  • Unit Testing: Added comprehensive unit tests to validate the behavior of the new HTML and subject sanitization logic across different profiles and malicious inputs.


Changelog
  • api/.env.example
    • Added a new environment variable MAIL_HTML_SANITIZER_PROFILE with a default of balanced to configure email HTML sanitization.
  • api/configs/feature/__init__.py
    • Defined MailHtmlSanitizerProfile enum with STRICT, BALANCED, and FREE options.
    • Integrated MAIL_HTML_SANITIZER_PROFILE into the MailConfig class with a default value of BALANCED.
  • api/libs/email_html_sanitizer.py
    • Created a new module containing functions sanitize_email_html and sanitize_email_subject.
    • Implemented nh3-based HTML cleaning logic with predefined strict and balanced profiles.
    • Added logic to strip control characters from email subjects.
  • api/pyproject.toml
    • Added nh3~=0.3.2 to the project's dependencies.
  • api/services/human_input_delivery_test_service.py
    • Imported sanitize_email_html and sanitize_email_subject functions.
    • Updated the send_test function to apply sanitization to the email subject and body before sending test emails.
  • api/tasks/mail_human_input_delivery_task.py
    • Imported sanitize_email_html and sanitize_email_subject functions.
    • Modified the dispatch_human_input_email_task to sanitize both the subject and HTML body of emails before dispatching them.
  • api/tests/unit_tests/libs/test_email_html_sanitizer.py
    • Added a new test file with unit tests covering various scenarios for HTML and subject sanitization.
    • Included tests for stripping scripts, event handlers, JavaScript URLs, and control characters, and verifying allowed content.
  • api/tests/unit_tests/services/test_human_input_delivery_test_service.py
    • Added a new test case to verify that the email delivery test handler correctly sanitizes HTML content based on the configured profile.
  • api/uv.lock
    • Updated the dependency lock file to include the nh3 package and its associated metadata.
  • docker/.env.example
    • Added MAIL_HTML_SANITIZER_PROFILE with a default value of balanced to the Docker environment example.
  • docker/docker-compose.yaml
    • Included MAIL_HTML_SANITIZER_PROFILE in the x-shared-env section for API and worker services, defaulting to balanced.

@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

This pull request introduces robust HTML sanitization for emails using the nh3 library and hardens email subject handling, providing strong security against XSS and CRLF injection attacks. While no critical security vulnerabilities were identified, there is a critical bug in the background task where the email subject is not rendered, causing template variables to be ignored. Further improvements include making the sanitize_email_subject function more concise and clarifying misleading test names in the new unit tests. The critical bug in the mail task must be addressed before merging.

Comment thread api/tasks/mail_human_input_delivery_task.py Outdated
Comment thread api/libs/email_html_sanitizer.py Outdated
Comment thread api/tests/unit_tests/libs/test_email_html_sanitizer.py Outdated
Comment thread api/tests/unit_tests/libs/test_email_html_sanitizer.py Outdated
@Blackoutta Blackoutta marked this pull request as draft February 13, 2026 07:54
Blackoutta and others added 2 commits February 13, 2026 16:02
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@Blackoutta Blackoutta marked this pull request as ready for review February 13, 2026 08:33
@QuantumGhost QuantumGhost removed the request for review from laipz8200 March 16, 2026 02:47
@QuantumGhost QuantumGhost marked this pull request as draft March 16, 2026 06:10
@QuantumGhost QuantumGhost marked this pull request as ready for review March 16, 2026 07:54
@github-actions

Pyrefly Diff

No changes detected.

@dosubot dosubot Bot added the lgtm This PR has been approved by a maintainer label Mar 16, 2026
QuantumGhost commented Mar 16, 2026

Hi @Blackoutta, I have revised the PR and introduced markdown rendering as part of the PR. I've also added SMTP header injection protection to this PR.

@github-actions

Pyrefly Diff

No changes detected.

@Blackoutta
Contributor Author

> Hi @Blackoutta, I have revised the PR and introduced markdown rendering as part of the PR. I've also added SMTP header injection protection to this PR.

awesome!

@QuantumGhost QuantumGhost changed the title feat: Add email HTML sanitization profiles feat: apply markdown rendering to email , sanitize email subject and body Mar 16, 2026
@QuantumGhost QuantumGhost changed the title feat: apply markdown rendering to email , sanitize email subject and body feat: apply markdown rendering to HITL email, sanitize email subject and body Mar 16, 2026
@QuantumGhost QuantumGhost merged commit 57d476d into langgenius:main Mar 16, 2026
19 checks passed
Development

Successfully merging this pull request may close these issues:

  • Email body not rendered as markdown
  • Add HTML sanitization profiles for human-input emails

3 participants