fix: quote display names with special characters in email headers#375
Open
tobias-weiss-ai-xr wants to merge 1 commit intoAlinto:masterfrom
Open
fix: quote display names with special characters in email headers#375tobias-weiss-ai-xr wants to merge 1 commit intoAlinto:masterfrom
tobias-weiss-ai-xr wants to merge 1 commit intoAlinto:masterfrom
Conversation
…aders Fix critical bug where SOGo fails to quote display names containing special characters (commas, parentheses, brackets, etc.) when serializing email headers. This caused parsers to create bogus recipients and bounce emails. Root Cause: - The _quoteSpecials: method checked for special characters ANYWHERE in the address string (including email part), and since all emails contain @ and ., it was always triggering - It incorrectly extracted display names, assuming whitespace before < - It didn't detect already-formatted addresses (quoted or RFC 2047 encoded) Fix: - Complete rewrite of _quoteSpecials: method - Only checks display name (not email part) for special characters - Detects already-formatted addresses (quoted strings, encoded words) - Properly escapes backslashes and double quotes inside quoted strings - Follows RFC 5322 specification precisely Added helper methods: - _needsQuotingForPhrase: - RFC 5322-compliant special character check - _alreadyProperlyFormatted: - Detects quoted or encoded display names - _quoteAndEscape: - Proper quoting and escaping Test Coverage: - Added TestSOGoDraftObjectQuoteSpecials.m with 18 comprehensive tests - Covers all RFC 5322 special characters - Tests edge cases (nil, empty, whitespace, already-formatted) Fixes: Display names like "Lastname, Firstname (INFO)[MoreINFO]" now emit as: "Lastname, Firstname (INFO)[MoreINFO]" <user@example.com> Instead of: Lastname, Firstname (INFO)[MoreINFO] <user@example.com> Co-authored-by: TDD workflow See: docs/fix-email-header-serialization-bug.md for full analysis
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See https://www.mail-archive.com/users@sogo.nu/msg34122.html
Fix critical bug where SOGo fails to quote display names containing special characters (commas, parentheses, brackets, etc.) when serializing email headers. This caused parsers to create bogus recipients and bounce emails.
Root Cause:
Fix:
Added helper methods:
Test Coverage:
Fixes: Display names like "Lastname, Firstname (INFO)[MoreINFO]" now emit as: "Lastname, Firstname (INFO)[MoreINFO]" user@example.com
Instead of: Lastname, Firstname (INFO)[MoreINFO] user@example.com
Co-authored-by: TDD workflow
See: docs/fix-email-header-serialization-bug.md for full analysis