Using backslahes / on MAILER_URL .env #270
Description
Symfony version(s) affected: 4.1.8
Description
Can't use / on the password for email authentication.
How to reproduce
Use an email that has a password for example: stuff/2018.
Meaning that MAILER_URL would be something like this:
MAILER_URL=smtp://test@gmail.com:stuff/2018@smtp.gmail.com?port=465&auth_mode=login&encryption=ssl
In my case I'm using gmail, and the password has a /, this completely breaks the MAILER_URL parameter, I've tried using %2F instead of /, even tried to use // to maybe escape or even \/ but nothing.
It basically breaks on:
Symfony\Bundle\SwiftmailerBundle\DependencyInjection\SwiftmailerTransportFactory on the calling of parse_url around on line 102:
if (isset($options['url'])) {
$parts = parse_url($options['url']);
if (isset($parts['scheme'])) {
$options['transport'] = $parts['scheme'];
}
if (isset($parts['user'])) {
$options['username'] = $parts['user'];
}
Using %2F as escaping works, and the password is correctly setup:
array:5 [▼
"scheme" => "smtp"
"host" => "smtp.gmail.com"
"user" => "test@gmail.com"
"pass" => "test%2F2018"
"query" => "port=465&auth_mode=login&encryption=ssl"
]
But it then get's rejected by gmail in this case ( could gmail be the culprit here, don't really think so ), because the password does not match since the password really is: stuff/2018.
I've managed to go around it, by basically passing all the parameters separately.
Possible Solution
Running url_decode on each part returned by the parse_url function? Don't really know if this is a valid solution and secure one,, and if it won't break already functioning code, for example: symfony/symfony-docs#9824 ( I was the one that lost 3 hours trying to figure out what happened with the + sign ).
Is this really a bug? Or am I missing something really simple?