[Fix] Dot add :// to mailto: URIs (RFC 6068)

mailto: is non-hierarchical — the // authority component never applies.
The bug was in rspamd_mailto_parse setting RSPAMD_URL_FLAG_MISSINGSLASHES
when // was absent, causing rspamd_url_parse_text to
inject :// into the stored string.

Note: bare email addresses detected via the @ pattern (user@example.net
in text, no scheme prefix) still go through a different path where
"mailto://" is injected as a literal prefix — that's a separate issue
and out of scope here.

diff --git a/src/libserver/html/html_cta.cxx b/src/libserver/html/html_cta.cxx
index 2e2579828a6cb6a511f52b9593255ab064e417eb..a25103bea426468a1ac3ade2ef8c4c33d5f01a5f 100644 (file)
--- a/src/libserver/html/html_cta.cxx
+++ b/src/libserver/html/html_cta.cxx
@@ -415,7 +415,10 @@ static auto compute_penalty(const html_tag &tag,
                penalty += 0.3f;
        }
 
-       if (url.protocol == PROTOCOL_MAILTO || url.protocol == PROTOCOL_FTP) {
+       if (url.protocol == PROTOCOL_MAILTO) {
+               penalty += 0.15f;
+       }
+       else if (url.protocol == PROTOCOL_FTP) {
                penalty += 0.05f;
        }
 

diff --git a/src/libserver/url.c b/src/libserver/url.c
index ca539f2ca9603a904c080dcd910d8efa8609e564..9aba86defabf412034de19b7ef094d03d1ae03a4 100644 (file)
--- a/src/libserver/url.c
+++ b/src/libserver/url.c
@@ -746,7 +746,7 @@ rspamd_mailto_parse(struct http_parser_url *u,
                                p++;
                        }
                        else {
-                               *flags |= RSPAMD_URL_FLAG_MISSINGSLASHES;
+                               /* mailto: is non-hierarchical (RFC 6068); // is not required */
                                st = parse_slash_slash;
                        }
                        break;