NC13.0.4 contact search envelope href attribute mailto "addr-spec" not encoded to RFC 6068 standard #10279

Closed
andrewborell opened this issue Jul 18, 2018 · 4 comments
Labels
1. to develop Accepted and waiting to be taken care of bug feature: contacts menu

Comments

@andrewborell

Steps to reproduce

1. Search a contact on upper right
2. Inspect mailto source on envelope next to a contact name
3. bad mailto link in href attribute of anchor tag

Expected behavior

mailto addr-spec should contain : and @ per RFC 6068
e.g.) href="mailto:admin@domain.tld"

RFC 6068 states:

addr-spec is a mail address as specified in [RFC5322], but
excluding from [RFC5322]. However, the following changes
apply:

  1. A number of characters that can appear in MUST be
    percent-encoded. These are the characters that cannot appear in
    a URI according to [STD66] as well as "%" (because it is used for
    percent-encoding) and all the characters in gen-delims except "@"
    and ":" (i.e., "/", "?", "#", "[", and "]"). Of the characters
    in sub-delims, at least the following also have to be percent-
    encoded: "&", ";", and "=". Care has to be taken both when
    encoding as well as when decoding to make sure these operations
    are applied only once.

Actual behavior

@ character encoded as %40
e.g.) <a class="top-action" href="mailto:admin%40domain.tld" title="" data-original-title="admin@domain.tld"> <img src="https://domain.tld/nextcloud/core/img/actions/mail.svg" alt="admin@domain.tld"></a>

Server configuration

negligible
Operating system:
Ubuntu 16
Web server:
Apache 2.4
Database:
mysql
PHP version:
7.0
Nextcloud version: (see Nextcloud admin page)
13.0.4
Updated from an older Nextcloud/ownCloud or fresh install:
updated from NC12
Where did you install Nextcloud from:
cli
Signing status:

Client configuration

Browser:
Chrome
Operating system:
Windows 10 Home Insider

@nextcloud-bot
Member

GitMate.io thinks possibly related issues are #9945 (nc13.0.4 admin delete user failed), #207 (Design spec: Contacts menu), #5599 (Contacts duplicate after upgrade to Nextcloud 12.0), #1168 (contact import), and #7180 (Search field).

@andrewborell
Author

andrewborell commented Jul 19, 2018

/lib/private/Contacts/ContactsMenu/ActionFactory.php

return $this->newLinkAction($icon, $name, 'mailto:' . urlencode($email));

A very simple fix:
$email_parts = explode('@', $email);
return $this->newLinkAction($icon, $name, 'mailto:' . urlencode($email_parts[0]) . '@' . urlencode($email_parts[1]));

A more complicated fix would be to add optional parameters for the subject and body, and of course to consider updating this code to implode an array for contact groups.
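// test data
$recipients = array(0 => 'foo0@bar.com', 1 => 'foo1@bar.com', 2 => 'foo2@bar.com', 3 => 'FOO0@bar.com');
$subject = 'my test subject!!';
$body = '< i have characters > th@t need to be Enc#0ed ';

// processing
$mailto_href = '';
$emails = array();
foreach ($recipients as $recipient_key => $recipient_email) {
    // encode local part and domain separately so the "@" separator stays literal
    $recipient_email_parts = explode('@', $recipient_email);
    $email_to = strToLower(urlencode($recipient_email_parts[0]) . '@' . urlencode($recipient_email_parts[1]));
    // keyed by the lower-cased address so duplicates overwrite each other
    $emails[$email_to] = $email_to;
}

$mailto_href .= 'mailto:' . implode(',', $emails);

// header fields: the first one is introduced by "?", every further one by "&"
// rawurlencode() writes a space as %20; percent-decoding does not turn "+" back into a space
$hfields = array();
if (!empty($subject)) {
    $hfields[] = 'subject=' . rawurlencode($subject);
}
if (!empty($body)) {
    $hfields[] = 'body=' . rawurlencode($body);
}
if (!empty($hfields)) {
    $mailto_href .= '?' . implode('&', $hfields);
}

return $this->newLinkAction($icon, $name, $mailto_href);

// mailto_href value:

mailto:foo0@bar.com,foo1@bar.com,foo2@bar.com?subject=my%20test%20subject%21%21&body=%3C%20i%20have%20characters%20%3E%20th%40t%20need%20to%20be%20Enc%230ed%20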

Yes, I know I went nuts and possibly over-coded this more complex example, but I will explain a few key points. The reason why I used an associative array and strToLower in this example for $emails is not because ALL CAPS email addresses are annoying (which they are). It was to eliminate duplicate email addresses -- duplicate keys will get overwritten. I anticipate a situation with groups where if you emailed multiple groups and individuals that the same address could get added many times.
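
An added example (not part of the comment above and not Nextcloud code) that generalises the proposed fix to addresses containing characters RFC 6068 requires to be percent-encoded, and shows the extra escaping step needed when the URI is written into an `href` attribute. `buildMailtoHref()` is a hypothetical helper name and the sample addresses are constructed.

```php
<?php
// Added example, not Nextcloud code; buildMailtoHref() is a hypothetical helper.
// Pass raw (decoded) values: encoding must be applied exactly once.
function buildMailtoHref(array $recipients, string $subject = '', string $body = ''): string
{
    $to = [];
    foreach ($recipients as $address) {
        // Split on the last "@": a quoted local part may itself contain "@".
        $at = strrpos($address, '@');
        if ($at === false || $at === 0 || $at === strlen($address) - 1) {
            continue; // no local part or no domain: skip
        }
        $local  = substr($address, 0, $at);
        $domain = strtolower(substr($address, $at + 1)); // domains are case-insensitive
        // rawurlencode() leaves only letters, digits and - _ . ~ unencoded, so
        // "%", "/", "?", "#", "[", "]", "&", ";" and "=" are all percent-encoded.
        $encoded = rawurlencode($local) . '@' . rawurlencode($domain);
        $to[$encoded] = $encoded; // keyed by value to drop duplicates
    }

    $hfields = [];
    if ($subject !== '') {
        $hfields[] = 'subject=' . rawurlencode($subject);
    }
    if ($body !== '') {
        // Normalise line breaks to CRLF so they are encoded as %0D%0A.
        $body = preg_replace('/\r\n|\r|\n/', "\r\n", $body);
        $hfields[] = 'body=' . rawurlencode($body);
    }

    $href = 'mailto:' . implode(',', $to);
    if ($hfields !== []) {
        $href .= '?' . implode('&', $hfields); // "?" once, then "&"
    }
    return $href;
}

// Constructed sample input.
$email = 'jane+lists&news@Example.TLD';
echo 'mailto:' . urlencode($email), "\n"; // the encoding reported in this issue
$href = buildMailtoHref([$email, 'admin@domain.tld'], 'Q&A = 100%', "line 1\nline 2");
echo $href, "\n";
// The URI is still plain text: escape it for the HTML attribute it is written to.
echo '<a href="' . htmlspecialchars($href, ENT_QUOTES) . '">mail</a>', "\n";
```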

@MorrisJobke
Member

@skjnldsv skjnldsv added the 1. to develop Accepted and waiting to be taken care of label Jun 7, 2019
@szaimen
Contributor

szaimen commented May 21, 2021

I'm closing this issue due to inactivity. If this is still happening please make sure to upgrade to the latest version. After that, feel free to reopen.

@szaimen szaimen closed this as completed May 21, 2021