Open Bug 32442 Opened 25 years ago Updated 2 years ago

More checks for mailto URLs

Categories

(MailNews Core :: Networking, defect, P3)

Product:
MailNews Core
Component:
Networking
Type:
defect

Tracking

(Not tracked)

Milestone:
Future

People

(Reporter: BenB, Unassigned)

References

(Blocks 3 open bugs)

Details

(Keywords: helpwanted, html5) 

Spin-off from bug #19313.

nsMailtoURL (mailnews/compose/src/nsSmtpUrl.cpp) (tnx to Andreas for the link)
doesn't ckeck validity of URLs.

Reproduce:
Send yourself a plain text mail with any mailer containing the string
"<mailto:=(/%)(%=(/%=%>".

Actual result:
The string is falsely recognized as link.

Expected result:
nothing

Additional Comments:
This is *not* a problem of the converter/recognizer. It relies on the URL
implementation for validity checking.

Of course, this bug is not limited to the converter.
Andreas attached a patch in bug #19313 for this bug (#32442).

Andreas,
Tnx for giving it a cut. But I think, the mailto parsing routine will break at
more complex mailto URLs. E.g. what, if the subject contains an "@" or the
descriptive part ("phrase") of the address contains a "," (in a
"quoted-string")? Nearly all chars are allowed in an address, if they are
escaped.

I suggest, you first parse the URL following the "mailto:"-URL-spec RFC2368,
e.g. search for "to=", "bcc=" etc., and then parse the address following RFC822.
Especially the latter will be difficult - RFC822 allows more than one escaping
("quoting") technique.
> Nearly all chars are allowed in an address, if they are escaped.

Note, that "escaped" for RFC822 may simply mean "included in double quotes" or
"prepended by a "\".
I will take a look into rfc822.
Blocks: 3744
Target M17.
Target Milestone: --- → M17
*** Bug 40690 has been marked as a duplicate of this bug. ***
moving to future milestone.
Target Milestone: M17 → Future
Adding helpwanted in hope, Andreas Otte will fix this bug. With this bug, out
TXT->HTML looks silly and we also need indirectly need it for GNKSA-compliance.
Keywords: helpwanted
Blocks: 54844
Keywords: mozilla1.0
Andreas: are you still working on this?

Gerv (just passing through...)
No, not at the moment. I still have to much work to do in my real job, I'm not
at home most of the week. I'm hoping to resurface in June ...
*** Bug 79064 has been marked as a duplicate of this bug. ***
Blocks: 19313
I noticed that somebody had added mozilla1.0 to this. Well, that's long past. To
be nice, I'll re-nominate it for 1.4b, since it was never approved or denied for
1.0.

Is anybody still working on this bug?

-M
Severity: normal → minor
Flags: blocking1.4b?
Keywords: mozilla1.0
Severity: minor → normal
QA Contact: lchiang → nobody
Flags: blocking1.4b? → blocking1.4b-
*** Bug 220736 has been marked as a duplicate of this bug. ***
<http://www.oreillynet.com/pub/a/network/excerpt/spcookbook_chap03/index3.html>

"
The function only validates the actual email address and will not accept any
associated data. For example, it will fail to validate "Bob Bobson
<bob@bobson.com>", but it will successfully validate "bob@bobson.com". If the
supplied email address is syntactically valid, spc_email_isvalid( ) will return
1; otherwise, it will return 0.

#include <string.h>

int spc_email_isvalid(const char *address) {
  int        count = 0;
  const char *c, *domain;
  static char *rfc822_specials = "()<>@,;:\\\"[]";

  /* first we validate the name portion (name@domain) */
  for (c = address;  *c;  c++) {
    if (*c == '\"' && (c == address || *(c - 1) == '.' || *(c - 1) == 
        '\"')) {
      while (*++c) {
        if (*c == '\"') break;
        if (*c == '\\' && (*++c == ' ')) continue;
        if (*c <= ' ' || *c >= 127) return 0;
      }
      if (!*c++) return 0;
      if (*c == '@') break;
      if (*c != '.') return 0;
      continue;
    }
    if (*c == '@') break;
    if (*c <= ' ' || *c >= 127) return 0;
    if (strchr(rfc822_specials, *c)) return 0;
  }
  if (c == address || *(c - 1) == '.') return 0;

  /* next we validate the domain portion (name@domain) */
  if (!*(domain = ++c)) return 0;
  do {
    if (*c == '.') {
      if (c == domain || *(c - 1) == '.') return 0;
      count++;
    }
    if (*c <= ' ' || *c >= 127) return 0;
    if (strchr(rfc822_specials, *c)) return 0;
  } while (*++c);

  return (count >= 1);
}
"
The above code is under the new BSD license
<http://www.secureprogramming.com/?action=license>.


Note that currently *no* checks at all are made on email addresses in mailto:
URLs. Everything passes.
Product: MailNews → Core
(In reply to comment #15)
> *** Bug 378826 has been marked as a duplicate of this bug. ***

Ben,
I think I'll take a shot at this, given that bug 378826 isn't the right route. 
However, given that I've gone down the wrong road once already, can you tell me
if the patch in bug 19313 is the right starting point or should I begin with your code example above?

Scott,
Did you make any headway that I should know about before I start?

Dave
I haven't looked at this in a long time David. Feel free to run with it!
David, following Andreas Otto's lead is the right approach here, he wrote most of the relevant URI checking code. The other bug was only vagely related, though, and is very old, too. Maybe Andreas can give advise about the right code place and approach, though? I wouldn't know.
You can ignore the code example that I posted, if you want, it's just something I found on the web.
Assignee: mscott → nobody
QA Contact: nobody → mailnews.networking
Product: Core → MailNews Core
Keywords: html5
Blocks: 808955
For bug 808955, it would help to make "/" and similar stuff in the username part invalid.
In any case, we need to make checks on the domain part, to not allow "/" there.
Depends on: 635489
Blocks: url
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.