URL encoded control characters in subject causes silent failure

Created on 9 December 2014, about 10 years ago
Updated 29 May 2023, over 1 year ago

What are the steps required to reproduce the bug?

  1. Post a comment within a Forum Topic using a control character (a line feed, for instance) somewhere in the first sentence of the comment body.
  2. Login as a different user, find the comment that you posted in the previous step, and click on "Send Author A Message" to compose a Private Message to this author. Notice that the link contains URL encoded comment body text, and is used as the new Private Message's subject.
  3. Compose the new private message without altering the auto-generated subject, and submit.

What behavior were you expecting?

  • Private message should be sent to the recipient. Any error messages should displayed to the user.

What happened instead?

  • No Private message was sent to the recipient of the Private Message (the comment author from step #1 in "Steps to Reproduce").
  • No error message is displayed

NOTES:

  • The line feed is URL encoded as %0A. Manual removal of this from the "Send Author A Message" link causes this functionality to work as expected.
πŸ› Bug report
Status

Closed: outdated

Version

1.3

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States wuj

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024