1
0
mirror of https://github.com/django/django.git synced 2024-12-22 17:16:24 +00:00

Fixed #36012 -- Made mailto punctuation percent-encoded in Urlizer.

Urlizer was not properly encoding email addresses containing punctuation
in generated mailto links. Per RFC 6068, fixed by percent encoding
(urllib.parse.quote) the local and domain address parts.
This commit is contained in:
Mike Edmunds 2024-12-14 15:57:41 -08:00 committed by Sarah Boyce
parent b44efdfe54
commit 322e49ba30
2 changed files with 15 additions and 0 deletions

View File

@ -357,6 +357,8 @@ class Urlizer:
domain = punycode(domain) domain = punycode(domain)
except UnicodeError: except UnicodeError:
return word return word
local = quote(local, safe="")
domain = quote(domain, safe="")
url = self.mailto_template.format(local=local, domain=domain) url = self.mailto_template.format(local=local, domain=domain)
nofollow_attr = "" nofollow_attr = ""
# Make link. # Make link.

View File

@ -376,6 +376,19 @@ class TestUtilsHtml(SimpleTestCase):
+ "한.글." * 15 + "한.글." * 15
+ "aaa</a>", + "aaa</a>",
), ),
(
# RFC 6068 requires a mailto URI to percent-encode a number of
# characters that can appear in <addr-spec>.
"yes;this=is&a%valid!email@example.com",
'<a href="mailto:yes%3Bthis%3Dis%26a%25valid%21email@example.com"'
">yes;this=is&a%valid!email@example.com</a>",
),
(
# Urlizer shouldn't urlize the "?org" part of this. But since
# it does, RFC 6068 requires percent encoding the "?".
"test@example.com?org",
'<a href="mailto:test@example.com%3Forg">test@example.com?org</a>',
),
) )
for value, output in tests: for value, output in tests:
with self.subTest(value=value): with self.subTest(value=value):