X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Furl_parser.php;h=bf7ed518088894616b4fd90521eb01407dfb0bd8;hb=84edf699d419494324e08176c89e9fbfc5a23818;hp=78f242f3ebeddd138c7ebf8aa595a292c3b33687;hpb=30460a05016c7e066ad7b28df7788539e4054a99;p=squirrelmail.git

diff --git a/functions/url_parser.php b/functions/url_parser.php
index 78f242f3..bf7ed518 100644
--- a/functions/url_parser.php
+++ b/functions/url_parser.php
@@ -146,9 +146,15 @@ function parseUrl (&$body) {
             if ((preg_match($MailTo_PReg_Match, $mailto, $regs)) && ($regs[0] != '')) {
                 //sm_print_r($regs);
                 $mailto_before = $target_token . $regs[0];
-                $mailto_params = $regs[10];
+                /**
+                 * '+' characters in a mailto URI don't need to be percent-encoded.
+                 * However, when mailto URI data is transported via HTTP, '+' must
+                 * be percent-encoded as %2B so that when the HTTP data is
+                 * percent-decoded, you get '+' back and not a space.
+                 */
+                $mailto_params = str_replace("+", "%2B", $regs[10]);
                 if ($regs[1]) {    //if there is an email addr before '?', we need to merge it with the params
-                    $to = 'to=' . $regs[1];
+                    $to = 'to=' . str_replace("+", "%2B", $regs[1]);
                     if (strpos($mailto_params, 'to=') > -1)    //already a 'to='
                         $mailto_params = str_replace('to=', $to . '%2C%20', $mailto_params);
                     else {