Closed Bug 98664 (+emailwizard) Opened 23 years ago Closed 18 years ago

issues if you enter jap3003+bugzilla@ksu.edu as the email address in the account wizard.

Categories

(SeaMonkey :: MailNews: Account Configuration, defect)

Product:
SeaMonkey
Component:
MailNews: Account Configuration
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME
Milestone:
mozilla1.0.1

People

(Reporter: sspitzer, Unassigned)

References

Details

Attachments

(1 file, 2 obsolete files)

Updated patch
3.26 KB, patch
Details | Diff | Splinter Review 
comments from jap3003+bugzilla@ksu.edu from bug #91257

[For those who don't know: Sendmail
apparently has a feature (I didn't enable it; the admin did) by which the
username portion of an email address can contain a plus after it and then
mostly-arbitrary text.  Everything then between the + and @ are (I think)
stripped out of the address, and the mail goes on its merry way, see my email
address (jap3003+bugzilla@ksu.edu) for example].

I've been using this for a while, and have been having difficulties with it. 
Apparently, all non-alphanumeric characters [probably more; I haven't looked
into it] are translated into %xx, and a new news account is created with this
name as soon as I click on one of the newsgroups.  All messages from the
newsgroups go into this new account.  And, naturally, if I click on the
newsgroup under this *new* account, *another* account is created, but with %25
prepended to the %xx from before (the % from before), and the % is stripped out.
 This click-and-creation can go on ad infinitum.

What's more, if the news account is deleted and then another is re-created with
exactly the same server [even with a different name], then the little
expand/contract arrow appears beside the account settings, but nothing is
displayed at first.  If the account is contracted, then expanded again, <i>the
old subscribed newsgroups return</i>.  Regardless of the new email address, the
old "user%xx on server" "accounts" come back just as before, when one clicks on
the newsgroups.
If the email address of a news account contains any character such 
as '/', 'å', '&', '+' (etc.) then this mysterious behaviour will take over.

I have been having fun in the debugger for a few days and finally noticed that 
the account manager's FindServer() API wants an unescaped username. All the 
other callers gives it that. This particular call doesn't. Hence, FindServer() 
fails in this case and triggers some strange code in nsNntpService that creates 
a new account.

Fix is to unescape the username in this function. :)
Assignee: racham → hwaara
Attached patch fix (obsolete) — Splinter Review 

    
    

    
  
By the way, this was the root cause of bug 91257 that we worked around by 
blocking some common illegal characters in the account wizard. Now we will not 
discriminate users with '+', '/' and the like in their email addresses to use 
news.

Requesting r= and sr= on the fix from bienvenu and sspitzer.

Status: NEW → ASSIGNED

    
    

    
  
Comment on attachment 48722 [details] [diff] [review]
fix

I did some more testing and noticed that even if we now don't crash or create a new wierd account, you still can't retrieve the newsgroups from the server if you have a 'bad' email.

Investigating.

        Attachment #48722 -
        Attachment is obsolete: true

    
    

    
  
Hmm... so this the way things work:

if I have the email in my news account as 'hwaara+example@chello.se' then my
username when I attempt to retrieve newsgroups from the server will be
'hwaara+example'.

I am suspecting that certain other areas other than the nntpService doesn't like
this plus sign. Perhaps the servers reject it. What do we do here? Strip it away?

Bienvenu and Seth, please tell me how to cope with this problem.

    
    

    
  

      
      
      
      

        Attached patch
          
          
        Patch -uw (obsolete)
        — Splinter Review
      

    


  
Make some bad code respect FindServer()'s preference of unescaped strings. This
works very nice.  I tested it by making a news account for a valid news server
with the email "\\\///@yahoo.com" and I could subscribe and post msgs using
news just fine. :)

    
    

    
  
Seth, need review on this one as well...

    
    

    
  
Seth doesn't seem to have time to do this; bienvenu can you review the fix instead?
Keywords: patch

    
    

    
  

      
      
      
      

        Attached patch
          
          
        Updated patchSplinter Review
      

    


  
Removed a comment and fixed an indentation issue.

        Attachment #57404 -
        Attachment is obsolete: true

    
    

    
  
reviewing and testing now...

    
    

    
  
this patch is not complete.

set your breakpoint at InternalFindServer(), I'm still getting in there with 
usernames and hostnames that are not escaped.

I tried to create a news account with the email address 
jap3003+bugzilla@ksu.edu, and during the account creation process, we call 
FindServer() two different times.  [which calls InternalFindServer()]

username is note escaped.

after the account is created, I try to use the subscribe dialog, it fails.

I assert here:

line 471, nsNNTPProtocol.cpp:
    rv = accountManager->FindServer((const char *)userName, (const char *)
hostName, "nntp",getter_AddRefs(server));

that fails, because userName is jap3003%2Bbugzilla

interesting, when I do javascript:alert(escape("jap3003+bugzilla") it shows me 
jap3003+bugzilla.

nsEscape() (the C++ version) takes two args, it might be that depending on the 
second one, we'll escape (or not escape) +.


    
    

    
  
Thanks, I'll look into this.

    
    

    
  
Kevin, is this important for the next release? A new News account is created if
the username has special characters. Bug# 95771 mentions a similar problem.

    
    

    
  
Not sure. Nominating so it gets on our triage radar.
Keywords: nsbeta1

    
    

    
  
*** Bug 115409 has been marked as a duplicate of this bug. ***

    
    

    
  
I'll try to get to this soon. (BTW, nbaca, I suspect the bug you cited is a
duplicate of this, but we'll see...)
Target Milestone: --- → mozilla0.9.8

    
    

    
  
->0.9.9
Target Milestone: mozilla0.9.8 → mozilla0.9.9

    
    

    
  
Due to internal problems with my computer, I don't know when I'll get back to
this bug. Feel free to attach a patch -- I'll review it. 

Changing target milestone for now.
Target Milestone: mozilla0.9.9 → mozilla1.0.1

    
    

    
  
nsbeta1- per ADT triage. 
Keywords: nsbeta1nsbeta1-

    
    

    
  
*** Bug 140696 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 142301 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 138564 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 146736 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 95771 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 147840 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 155758 has been marked as a duplicate of this bug. ***

    
    

    
  
*** Bug 157163 has been marked as a duplicate of this bug. ***
Product: Browser → Seamonkey

    
    

    
  
Is this still a problem
Assignee: hwaara → mail
Status: ASSIGNED → NEW
QA Contact: nbaca

    
    

    
  
(In reply to comment #28)
> Is this still a problem

Doesn't appear to be -- I tried and can't reproduce it, and after that flurry 
of dupes in 2002 there hasn't been another for over three years.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → WORKSFORME

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: