[PATCH v2] view: do not escape first `@' in mailto: URLs

Thu, 09 Jun 2022 10:54:03 -0700 

Moritz Poldrack <[email protected]> wrote:
> Important: only the @ after the ? (in query parameters) have to be
> escaped.
> 
> mailto:[email protected]?cc=list%40mailinglist.org

Ah, thanks.  Here's an updated version:

---------8<---------
Subject: [PATCH] view: do not escape first `@' in mailto: URLs

It's probably not a perfect match for RFC 6068 atm, but perfect
is the enemy of good.

Reported-by: Moritz Poldrack <[email protected]>
Link: https://public-inbox.org/meta/CKJSWGSZFKMX.3VUSIYE955Z9X@Archetype/
---
 lib/PublicInbox/Reply.pm | 9 ++++++---
 t/plack.t                | 1 +
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/PublicInbox/Reply.pm b/lib/PublicInbox/Reply.pm
index d96fadfc..592dfb62 100644
--- a/lib/PublicInbox/Reply.pm
+++ b/lib/PublicInbox/Reply.pm
@@ -1,10 +1,10 @@
-# Copyright (C) 2014-2021 all contributors <[email protected]>
+# Copyright (C) all contributors <[email protected]>
 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
 
 # For reply instructions and address generation in WWW UI
 package PublicInbox::Reply;
 use strict;
-use warnings;
+use v5.10.1;
 use URI::Escape qw/uri_escape_utf8/;
 use PublicInbox::Hval qw(ascii_html obfuscate_addrs mid_href);
 use PublicInbox::Address;
@@ -81,7 +81,6 @@ sub mailto_arg_link {
                # no $subj for $href below
        } else {
                push @arg, "--to=$to";
-               $to = uri_escape_utf8($to);
                $subj = uri_escape_utf8($subj);
        }
        my @cc = sort values %$cc;
@@ -106,6 +105,10 @@ sub mailto_arg_link {
        # anyways.
        return (\@arg, '', $reply_to_all) if $obfs;
 
+       # keep `@' instead of using `%40' for RFC 6068
+       utf8::encode($to);
+       $to =~ s!([^A-Za-z0-9\-\._~\@])!$URI::Escape::escapes{$1}!ge;
+
        # order matters, Subject is the least important header,
        # so it is last in case it's lost/truncated in a copy+paste
        my $href = "mailto:$to?In-Reply-To=$irt${cc}&Subject=$subj";;
diff --git a/t/plack.t b/t/plack.t
index e4dedce6..a5fd54c9 100644
--- a/t/plack.t
+++ b/t/plack.t
@@ -85,6 +85,7 @@ test_psgi($app, sub {
        my ($cb) = @_;
        my $res = $cb->(GET('http://example.com/test/[email protected]/'));
        is($res->code, 200, 'retrieved CRLF as HTML');
+       like($res->content, qr/mailto:me\@example/, 'no %40, per RFC 6068');
        unlike($res->content, qr/\r/, 'no CR in HTML');
        $res = $cb->(GET('http://example.com/test/[email protected]/raw'));
        is($res->code, 200, 'retrieved CRLF raw');

Reply via email to