From 929dd15b9b65034350f18abe6c56a8d956f4b978 Mon Sep 17 00:00:00 2001 From: Lucas Galfaso Date: Sat, 6 Sep 2014 01:40:26 +0200 Subject: [PATCH] fix(linky): encode double quotes when serializing email addresses Email addresses can (under certain restrictions) include double quote characters. See http://tools.ietf.org/html/rfc3696#section-3. For example, `"Jo Bloggs"@abc.com` is a valid email address. When serializing emails to the `href` attribute of an anchor element, we must HTML encode these double quote characters. See http://www.w3.org/TR/html-markup/syntax.html#syntax-attr-double-quoted This commit does not attempt to improve the functionality (i.e. regex) that attempts to identify email addresses in a general string. Closes #8945 Closes #8964 Closes #5946 Closes #10090 Closes #9256 --- src/ngSanitize/filter/linky.js | 6 +++--- test/ngSanitize/filter/linkySpec.js | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/src/ngSanitize/filter/linky.js b/src/ngSanitize/filter/linky.js index efaa54d8b..4bf06cbcc 100644 --- a/src/ngSanitize/filter/linky.js +++ b/src/ngSanitize/filter/linky.js @@ -141,9 +141,9 @@ angular.module('ngSanitize').filter('linky', ['$sanitize', function($sanitize) { html.push(target); html.push('" '); } - html.push('href="'); - html.push(url); - html.push('">'); + html.push('href="', + url.replace('"', '"'), + '">'); addText(text); html.push(''); } diff --git a/test/ngSanitize/filter/linkySpec.js b/test/ngSanitize/filter/linkySpec.js index a09d78688..0278597ff 100644 --- a/test/ngSanitize/filter/linkySpec.js +++ b/test/ngSanitize/filter/linkySpec.js @@ -29,6 +29,10 @@ describe('linky', function() { toEqual('my email is "me@example.com"'); }); + it('should handle quotes in the email', function() { + expect(linky('foo@"bar.com')).toEqual('foo@"bar.com'); + }); + it('should handle target:', function() { expect(linky("http://example.com", "_blank")). toEqual('http://example.com');