TYPO3 Core

Andreas Fernandez wrote:

Thank you for your report.

I fail to reproduce this issue in latest master and 9.5.15-dev.
Can you please describe step-by-step what you're doing to reproduce the issue?

Kind regards
Andreas

just create a link and add the title parameter, as you do by adding it in your href link.
Like this:

mailto:no-one@snai1mai1.com?subject=free chocolate

This will show some garbadge in url and in your mail client if you click on it.

I tried with latest 10.4.4-dev (latest master) and the following test:

1) TS Setup:

config.spamProtectEmailAddresses = 1

2) Create a text content element, write some text, use wizard to add a link

type: email
email address:

test@gmail.com?subject=this%20is%20a%20subject

result: the javascript encrypts everything; clicking on the address my mail client opens with the address and subject correctly filled.

The only weird result I got was when using a space instead of %20: in this case part of the subject became the attribute target (!) of the link

Can you try again with the latest 10.4.22 ? We changed a lot of things (regarding security) in this area.

Benni Mack wrote in #note-4:

Can you try again with the latest 10.4.22 ? We changed a lot of things (regarding security) in this area.

I can confirm it works now - Text is shown normal, even with encrypted mail address activated.

https://imgur.com/a/kKCGLgl