2964 – Lack of escaping of nested double-quotes in To: header

Bug 2964 - Lack of escaping of nested double-quotes in To: header

Summary: Lack of escaping of nested double-quotes in To: header

Status:	RESOLVED FIXED

Alias:	None

Product:	Claws Mail (Windows)
Classification:	Unclassified
Component:	default (show other bugs)
Version:	3.9.1
Hardware:	PC Windows XP

Importance:	P3 normal
Assignee:	users

URL:

Depends on:
Blocks:

Reported:	2013-07-12 17:37 UTC by LoseDanger
Modified:	2013-11-05 01:19 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description LoseDanger 2013-07-12 17:37:30 UTC

Based on reading of info in the red box on http://mailformat.dan.info/headers/from.html I decided to perform the following test:

1) Create a new email message to "Jesse "The Body" Ventura" <your-real-email-address-here@domain.tld>

2) Observe that claws does not properly escape the nested double-quotes.

3) Email arrives with incorrectly displayed To: header.

If I manually escape the quotes, like this "Jesse \"The Body\" Ventura", then the email is displayed properly.

I propose automatic escaping of nested double-quotes.

Comment 1 LoseDanger 2013-07-12 18:27:00 UTC

Better instructions:

1) Go to Configuration -> Preferences for current account -> Basic

2) Set your Full name to:
Jesse "The Body" Ventura

3) Send an email to yourself.

4) Observe that the incoming email's header gets changed to:
From: Jesse The Body <your@email.address>

and Claws Mail displays it as:
Jesse The Body

I am testing this over Gmail, so I do not know if it is a mistake of gmail to remove the surname Ventura.

I now manually escape the quotes with a backslash, in the Full name:
Jesse \"The Body\" Ventura

When I now send an email to myself, the entire From header is preserved:
From: "Jesse \"The Body\" Ventura" <your@email.address>

and Claws Mail displays it correctly as:
Jesse "The Body" Ventura

Comment 2 Paul 2013-07-12 20:10:25 UTC

works for me. must be a windows-only bug (changing 'product')

Comment 3 users 2013-11-05 01:04:07 UTC

Changes related to this bug have been committed.
Please check latest Git and update the bug accordingly.
You can also get the patch from:
http://git.claws-mail.org/

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=5f939e0bd34b5a7ea794820ab4de63498082ab0a
Merge: 88f2dca 21263f8
Author: Colin Leroy <colin@colino.net>
Date:   Tue Nov 5 01:04:05 2013 +0100

    Merge branch 'master' of file:///home/git/claws

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=21263f83d92189a8048b9f86fa5479e0503bc864
Author: Ricardo Mones <ricardo@mones.org>
Date:   Tue Nov 5 00:56:11 2013 +0100

    Fix bug #2964 'Lack of escaping of nested double-quotes in To: header'
    
    Additionally double quotes are also escaped in other relevant headers.

http://git.claws-mail.org/?p=claws.git;a=commitdiff;h=ab9cadc4a4ea4875fec8a2d4651440780a7922d5
Author: Ricardo Mones <ricardo@mones.org>
Date:   Tue Nov 5 00:55:10 2013 +0100

    New utils function escape_internal_quotes
    
    Searchs for all quotation characters within a string, creating
    (only if required) a copy with the quotation characters escaped.

Note You need to log in before you can comment on or make changes to this bug.