fix(linky): encode double quotes when serializing email addresses

Email addresses can (under certain restrictions) include double quote
characters. See http://tools.ietf.org/html/rfc3696#section-3.

For example, `"Jo Bloggs"@abc.com` is a valid email address.

When serializing emails to the `href` attribute of an anchor element,
we must HTML encode these double quote characters. See
http://www.w3.org/TR/html-markup/syntax.html#syntax-attr-double-quoted

This commit does not attempt to improve the functionality (i.e. regex)
that attempts to identify email addresses in a general string.

Closes #8945
Closes #8964
Closes #5946
Closes #10090
Closes #9256
This commit is contained in:
Lucas Galfaso
2014-09-06 01:40:26 +02:00
committed by Peter Bacon Darwin
parent 42d09f1772
commit 8ee8ffeba0
2 changed files with 5 additions and 1 deletions
+1 -1
View File
@@ -142,7 +142,7 @@ angular.module('ngSanitize').filter('linky', ['$sanitize', function($sanitize) {
'" ');
}
html.push('href="',
url,
url.replace('"', '"'),
'">');
addText(text);
html.push('</a>');
+4
View File
@@ -29,6 +29,10 @@ describe('linky', function() {
toEqual('my email is &#34;<a href="mailto:me@example.com">me@example.com</a>&#34;');
});
it('should handle quotes in the email', function() {
expect(linky('foo@"bar.com')).toEqual('<a href="mailto:foo@&#34;bar.com">foo@&#34;bar.com</a>');
});
it('should handle target:', function() {
expect(linky("http://example.com", "_blank")).
toEqual('<a target="_blank" href="http://example.com">http://example.com</a>');