Email padding is broken again.
In our test cases web we have a test that fails so I really wonder why these sorts of bugs come back.
I think people are too focused on the unit tests which are very limited in scope.
Here are the examples from TestCaseAutoFormatting
<a href="mailto:?subject=Hi">Subject only</a>
And without verbatim. Here on bugs there is no email padding enabled. So enable it on your own TWiki and copy the code there.
and as you can see when you view sources the padding is missing on email addresses that are not with mailto and the encoding of @ and dots is also missing. It only pads the href link.
It is not enough that the href mailto link is padded. The readable test must also be padded. Email harvesters will look for anything that matches an email address.
This means that peoples email addresses in old Cairo user topics are completely unprotected! Therefore urgent. Bug was also in 4.0.5
Running the unit tests and not ignoring the warnings reveals that there is an issue with uninitialised variable.
I have added the code that eliminates this problem and also added the unit test that will reveal if the above problem comes back
A link like a@bNOSPAM.com
is now padded but still not entity encoded.
It has been working and the test case supports the feature.
It was Crawford that removed the code originally. Without fixing the test case. But in this case I will not fix the test case because it makes no sense that email addresses only sometimes are encoded.
Originally there was a code in Render.pm line 729 that said
# Much harder obfuscation scheme
$url =~ s/(\W)/'&#'.ord($1).';'/ge;
$text =~ s/(\W)/'&#'.ord($1).';'/ge;
This was removed because it caused other trouble.
[[mailto:email@example.com][Send Us Feedback]]
would be rendered as Send Us Feedback with the nops entity encoded and therefore visible so this is why Crawford removed it.
A simple fix is to only encode @ when it is link text and not spaces and other whitespace.
This also means that clear text used for email links is not encoded which makes a whole lot of sense.
Waiting for release (again
See also Item2928
. It shows what the old issue was.