From 84edf699d419494324e08176c89e9fbfc5a23818 Mon Sep 17 00:00:00 2001 From: jangliss Date: Tue, 19 Jan 2010 03:17:14 +0000 Subject: [PATCH] Fix for mailto: URLs containing a + sign. Thanks to Michael Puls II for the patch. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13885 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- doc/ChangeLog | 2 ++ functions/url_parser.php | 10 ++++++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/doc/ChangeLog b/doc/ChangeLog index 8e664d74..e46f1f35 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -326,6 +326,8 @@ Version 1.5.2 - SVN - Implemented security token system. (Secunia Advisory SA34627) - Fix issue with multi-part related messages not showing all attachments (#2830140). - Fix for security token missing in newmail plugin (#2919418). + - Fix for mailto: urls containing + characters, thanks to Michael Puls II for the + patch. Version 1.5.1 (branched on 2006-02-12) -------------------------------------- diff --git a/functions/url_parser.php b/functions/url_parser.php index 78f242f3..bf7ed518 100644 --- a/functions/url_parser.php +++ b/functions/url_parser.php @@ -146,9 +146,15 @@ function parseUrl (&$body) { if ((preg_match($MailTo_PReg_Match, $mailto, $regs)) && ($regs[0] != '')) { //sm_print_r($regs); $mailto_before = $target_token . $regs[0]; - $mailto_params = $regs[10]; + /** + * '+' characters in a mailto URI don't need to be percent-encoded. + * However, when mailto URI data is transported via HTTP, '+' must + * be percent-encoded as %2B so that when the HTTP data is + * percent-decoded, you get '+' back and not a space. + */ + $mailto_params = str_replace("+", "%2B", $regs[10]); if ($regs[1]) { //if there is an email addr before '?', we need to merge it with the params - $to = 'to=' . $regs[1]; + $to = 'to=' . str_replace("+", "%2B", $regs[1]); if (strpos($mailto_params, 'to=') > -1) //already a 'to=' $mailto_params = str_replace('to=', $to . '%2C%20', $mailto_params); else { -- 2.25.1