Opened 8 years ago

Closed 8 years ago

#2488 closed Bug (fixed)

Encode email "mailto:" links (Fix #2220)

Reported by: aspenwebdesign Owned by: martinkou
Priority: Normal Milestone: FCKeditor 2.6.4
Component: General Version: FCKeditor 2.6.3 Beta
Keywords: Confirmed IE Review+ Cc: antonio@…, bestis

Description (last modified by alfonsoml)

This regards Fix #2220, adding the javascript based encryption of mailto links.

This fix causes problems in Internet Explorer. When you click on an encoded (by FCK) mailto link on the frontend of a website, it causes IE6 and IE7 to do two things:

  1. Open a new email window (what we want)
  1. Take the browser to a new page with "mailto:..." in the content (what we don't want)

This problem exists in IE, but not in Firefox or Safari (what else is new). It's possible this has been resolved in 2.6.3 (we're running 2.6.3 beta) but there is no mention of it.

Can someone kindly look into this? Thanks much for all your hard work!

Attachments (1)

2488.patch (1.7 KB) - added by martinkou 8 years ago.

Download all attachments as: .zip

Change History (16)

comment:1 Changed 8 years ago by cap

  • Cc antonio@… added

Hi, I confirm that the problem exists also on 2.6.3.

Moreover on my Firefox (an old one, is version 2.0.0.16) I get the following error:

 [Exception... "'Permesso negato per ottenere la proprietà Object.protocolFlags' when calling method: [nsIProtocolHandler::protocolFlags]"  nsresult: "0x8057001e (NS_ERROR_XPC_JS_THREW_STRING)"  location: "JS frame :: javascript:location.href='mailto:'+String.fromCharCode(108,101,116,116,117,114,97,100,101,108,108,97,109,97,110,111,95,111,110,108,105,110,101,64,115,101,110,115,105,116,105,118,97,115,105,109,111,110,97,46,99,111,109)+'?subject=Richiesta%20lettura%20della%20mano' :: <TOP_LEVEL> :: line 1"  data: no]
javascript:location.href='mailto:'+String.fromCharCode(108,101,116,116,117,114,97,100,101,108,108,97,109,97,110,111,95,111,110,108,105,110,101,64,115,101,110,115,105,116,105,118,97,115,105,109,111,110,97,46,99,111,109)+'?subject=Richiesta%20lettura%20della%20mano'
Line 1

I translate the error in english:

Permission denied when trying to access the property Object.protocolFlags...

Is it possible to configure fck 2.6.3 in order to have the old behaviour?

Thank you very much for your work.

comment:2 Changed 8 years ago by cap

  • Summary changed from Encode email "mailto:" links (Fix #220) to Encode email "mailto:" links (Fix #2220)

I think that the ticket to which aspenwebdesign is referring is #2220 and not #220. So I update the summary (I cannot update also the description).

comment:3 Changed 8 years ago by alfonsoml

  • Component changed from UI : Floating Panel to General
  • Description modified (diff)
  • Keywords Confirmed IE added; mailto removed

If you change the config to FCKConfig.EMailProtection = 'none' ; you should get the old behaviour (and I think that it should be the default, because those encrypted links aren't usable by people with javascript disabled.

to fix the IE error, it seems that changing from <a href="javascript:location.href='mailto:'+String.fromCharCode(109,97,105,108,64,101,120,97,109,112,108,101,46,99,111,109)+'?'"> to <a href="javascript:void(location.href='mailto:'+String.fromCharCode(109,97,105,108,64,101,120,97,109,112,108,101,46,99,111,109)+'?')"> is enough

comment:4 Changed 8 years ago by cap

Thank you. I have updated the configuration and it successfully works with the non-javascript link (previous behaviour).

comment:5 Changed 8 years ago by bestis

  • Cc bestis added

Tested following patch. Should fix MSIE. Dunno why regexp's has start-of-line and end-of-line, so left them alone and did it with two regexps which will support the old and the new way.

--- /fckeditor/editor/dialog/fck_link/fck_link.js   2008-08-26 11:32:20.000000000 +0300
+++ fck_link.js 2008-10-02 15:45:07.000000000 +0300
@@ -194,7 +194,11 @@
                }
 
                // Try to match the email against the encode protection.
-               var aMatch = aLinkInfo[2].match( /^location\.href='mailto:'\+(String\.fromCharCode\([\d,]+\))\+'(.*)'$/ ) ;
+               var aMatch = aLinkInfo[2].match( /^void\(location\.href='mailto:'\+(String\.fromCharCode\([\d,]+\))\+'(.*)'\)$/ ) ;
+               if ( !aMatch )
+               {
+                       var aMatch = aLinkInfo[2].match( /^location\.href='mailto:'\+(String\.fromCharCode\([\d,]+\))\+'(.*)'$/ ) ;
+               }
                if ( aMatch )
                {
                        // The link is encoded
@@ -253,7 +257,7 @@
                        for ( var i = 0 ; i < address.length ; i++ )
                                aAddressCode.push( address.charCodeAt( i ) ) ;
 
-                       return 'javascript:location.href=\'mailto:\'+String.fromCharCode(' + aAddressCode.join( ',' ) + ')+\'?' + aParams.join( '&' ) + '\'' ;
+                       return 'javascript:void(location.href=\'mailto:\'+String.fromCharCode(' + aAddressCode.join( ',' ) + ')+\'?' + aParams.join( '&' ) + '\')' ;
        }
 
        // EMailProtection 'none'

comment:6 Changed 8 years ago by bestis

And smarter regexp and patch..

--- /fckeditor/editor/dialog/fck_link/fck_link.js    2008-09-19 10:37:49.000000000 +0300
+++ fck_link.js 2008-10-02 17:55:22.000000000 +0300
@@ -194,7 +194,7 @@
                }
 
                // Try to match the email against the encode protection.
-               var aMatch = aLinkInfo[2].match( /^location\.href='mailto:'\+(String\.fromCharCode\([\d,]+\))\+'(.*)'$/ ) ;
+               var aMatch = aLinkInfo[2].match( /^(void\()?location\.href='mailto:'\+(String\.fromCharCode\([\d,]+\))\+'(.*)'(\))?$/ ) ;
                if ( aMatch )
                {
                        // The link is encoded
@@ -253,7 +253,7 @@
                        for ( var i = 0 ; i < address.length ; i++ )
                                aAddressCode.push( address.charCodeAt( i ) ) ;
 
-                       return 'javascript:location.href=\'mailto:\'+String.fromCharCode(' + aAddressCode.join( ',' ) + ')+\'?' + aParams.join( '&' ) + '\'' ;
+                       return 'javascript:void(location.href=\'mailto:\'+String.fromCharCode(' + aAddressCode.join( ',' ) + ')+\'?' + aParams.join( '&' ) + '\')' ;
        }
 
        // EMailProtection 'none'

comment:7 Changed 8 years ago by bestis

And one thing more.. :D The second patch doesn't work.. Dunno about javascripts regexp what breaks it.. To me it seems to as valid as it can be.

comment:8 Changed 8 years ago by alfonsoml

you are creating a new capture group, you should try with

/^(:?void\()?location\.href='mailto:'\+(String\.fromCharCode\([\d,]+\))\+'(.*)'\)?$/

comment:9 Changed 8 years ago by bestis

Oh, true about that, But the problem is that it breaks hard.. FF3 gives me "syntax error, line 201, void(".

With mine and your versions.

So well, I'll use the first patch, and some developers can make it nicer and include in next fckeditor as a fix:)

comment:10 Changed 8 years ago by fredck

  • Milestone set to FCKeditor 2.6.4

comment:11 Changed 8 years ago by martinkou

  • Owner set to martinkou
  • Status changed from new to assigned

Changed 8 years ago by martinkou

comment:12 Changed 8 years ago by martinkou

  • Keywords Review? added

comment:13 Changed 8 years ago by bestis

Seems to work. Dunnot what I typed wrong when trying to test alfonsomi's example..

comment:14 Changed 8 years ago by alfonsoml

  • Keywords Review+ added; Review? removed

the problem with my example is that I wrote from my weak memory and reversed the non-capturing part

comment:15 Changed 8 years ago by martinkou

  • Resolution set to fixed
  • Status changed from assigned to closed

Fixed with [2561].

Click here for more info about our SVN system.

Note: See TracTickets for help on using tickets.
© 2003 – 2016 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy