refactor: Add internal method Utils.encodeForUrl for properly encod…

…ing email addresses for use in URLs (#9541)
parse-community · Mar 6, 2025 · 533a60e · 533a60e
1 parent 22e8568
commit 533a60e
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 1 deletion.
diff --git a/spec/Utils.spec.js b/spec/Utils.spec.js
@@ -1,6 +1,17 @@
 const Utils = require('../src/Utils');
 
 describe('Utils', () => {
+  describe('encodeForUrl', () => {
+    it('should properly escape email with all special ASCII characters for use in URLs', async () => {
+      const values = [
+        { input: `!\"'),.:;<>?]^}`, output: '%21%22%27%29%2C%2E%3A%3B%3C%3E%3F%5D%5E%7D' },
+      ]
+      for (const value of values) {
+        expect(Utils.encodeForUrl(value.input)).toBe(value.output);
+      } 
+    });
+  });
+
   describe('addNestedKeysToRoot', () => {
     it('should move the nested keys to root of object', async () => {
       const obj = {

diff --git a/src/Controllers/UserController.js b/src/Controllers/UserController.js
@@ -282,7 +282,6 @@ export class UserController extends AdaptableController {
       user = await this.setPasswordResetToken(email);
     }
     const token = encodeURIComponent(user._perishable_token);
-
     const link = buildEmailLink(this.config.requestResetPasswordURL, token, this.config);
     const options = {
       appName: this.config.appName,

diff --git a/src/Utils.js b/src/Utils.js
@@ -399,6 +399,17 @@ class Utils {
     }
     return obj;
   }
+
+  /**
+   * Encodes a string to be used in a URL.
+   * @param {String} input The string to encode.
+   * @returns {String} The encoded string.
+   */
+  static encodeForUrl(input) {
+    return encodeURIComponent(input).replace(/[!'.()*]/g, char =>
+      '%' + char.charCodeAt(0).toString(16).toUpperCase()
+    );
+  }
 }
 
 module.exports = Utils;