Open Bug 1211462 Opened 10 years ago Updated 3 years ago

Autoconfiguration: Request with wrongly encoded @-sign

Categories

(Thunderbird :: Account Manager, defect)

Product:
Thunderbird
Component:
Account Manager
Version:
38 Branch
Type:
defect

Tracking

(Not tracked)

People

(Reporter: adi, Unassigned)

References

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:41.0) Gecko/20100101 Firefox/41.0 Build ID: 20150929144111 Steps to reproduce: Use Thunderbirds auto configuration tool to set up a new mail account. The tool tries to detect the server settings and sends a http request to the mail domain under the following URL: http://maildomain.tld/.well-known/autoconfig/mail/config-v1.1.xml?emailaddress=example@maildomain.tld The server receives this request as .../config-v1.1.xml?emailaddress=example%2540maildomain.tld (You can find a description of the auto configuration mechanism in wiki: https://wiki.mozilla.org/Thunderbird:Autoconfiguration) Actual results: TB encodes the @-character wrong: %2540 is not a valid percent encoding for the @-sign. It seems like TB encodes the URL twice, in the first round it encodes the @ to %40 and in the second round it encodes %40 to %2540 (%25 ist the encoding of the %-char). Expected results: The correct percent encoding of an @-character is %40; therefor the request in the example above should be: ../config-v1.1.xml?emailaddress=example%40maildomain.tld
Interesting. If TB behaves as described, that's indeed a bug. Double-encoding is bad bad bad.
Status: UNCONFIRMED → NEW
Ever confirmed: true

%2540

same problem here
perhaps if you are configuring from rdp session or another os like mac?

Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.