email obfuscation on mediawiki
Daniel Molkentin
daniel at molkentin.de
Sun Jan 25 21:53:25 GMT 2009
Hi,
Am Sonntag 25 Januar 2009 schrieb Andre Gemünd:
> imho the problem is the htmlspecialchars() call on $email_prefix .
> $email. this replaces the ampersands of the ascii codes with &, so
> the browser doesn't recognize it. If I replace all "&" with & it works.
> I don't know RFC 5322 well, but as we are replacing every character
> inside both the prefix and mail with ascii codes there should be no
> offending characters in the string.
> You could try replacing the
>
> . htmlspecialchars($email_prefix . $email) .
> with just
> . $email_prefix . $email .
You are right, that works. Just to be on the safe side, I changed to code to
call htmlspecialchars() on the unprocessed strings (i.e. before the
obfuscation).
Cheers,
Daniel
More information about the kde-core-devel
mailing list