Hi,
On Jun 14, 2013, at 10:11 AM, Ben Johnson ben@indietorrent.org wrote:
It seems as though the only truly reliable method would be to validate the scripts in consideration of your own environment. As you suggested, a simple Web form (ideally, one that requires authentication) into which users can paste scripts and email bodies would do the job. The form inputs can then be passed to sieve-test. Needless to say, the form inputs should be escaped very carefully to prevent arbitrary code from being executed on your system.
I just re-read your mail, and I must admit I don't understand one part: why would I need authentication? I was thinking of just serving a HTML form via https which expects you to pass a sample mail and a Sieve script, and when submitting that sieve-test is executed and you see the result.
I suppose you were thinking of a different usage, something like - a user logs in with his IMAP credentials, uploads a random mail and then the web server uses the Sieve script which is currently active?
-- Frerich Raabe - raabe@froglogic.com www.froglogic.com - Multi-Platform GUI Testing