From d64e05709cc3db1f5088809bb575b144419e642d Mon Sep 17 00:00:00 2001
From: Vishal Kumar Singh
Date: Sat, 16 May 2026 12:06:56 +0530
Subject: [PATCH] fix: prevent double HTML encoding in emergency access emails

The SanitizeForEmail method HTML-encodes by default, but Handlebars templates also escape values. This caused names with special characters like umlauts to display as HTML entities (e.g. Windmüller). Pass htmlEncode=false to match the pattern used elsewhere in this file.
---
 src/Core/Platform/Mail/HandlebarsMailService.cs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Core/Platform/Mail/HandlebarsMailService.cs b/src/Core/Platform/Mail/HandlebarsMailService.cs
index 7a4a31c6c681..cc7edbe4c440 100644
--- a/src/Core/Platform/Mail/HandlebarsMailService.cs
+++ b/src/Core/Platform/Mail/HandlebarsMailService.cs
@@ -1193,7 +1193,7 @@ public async Task SendEmergencyAccessInviteEmailAsync(EmergencyAccess emergencyA
 var message = CreateDefaultMessage($"Emergency Access Contact Invite", emergencyAccess.Email);
 var model = new EmergencyAccessInvitedViewModel
 {
- Name = CoreHelpers.SanitizeForEmail(name),
+ Name = CoreHelpers.SanitizeForEmail(name, false),
 Email = WebUtility.UrlEncode(emergencyAccess.Email),
 Id = emergencyAccess.Id.ToString(),
 Token = WebUtility.UrlEncode(token),
@@ -1241,7 +1241,7 @@ public async Task SendEmergencyAccessRecoveryInitiated(EmergencyAccess emergency

 var model = new EmergencyAccessRecoveryViewModel
 {
- Name = CoreHelpers.SanitizeForEmail(initiatingName),
+ Name = CoreHelpers.SanitizeForEmail(initiatingName, false),
 Action = emergencyAccess.Type.ToString(),
 DaysLeft = emergencyAccess.WaitTimeDays - Convert.ToInt32((remainingTime).TotalDays),
 };
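Review bot: Nothing in the patch pins the assumption that the templates escape `Name`: with `SanitizeForEmail(..., false)` at all four call sites (invite, recovery initiated, rejected, timed out), template escaping is the only thing that keeps a presumably user-supplied display name from reaching the HTML body as markup. Each affected template should be confirmed to render the value with the escaping `{{Name}}` form rather than `{{{Name}}}`, and a comment at the call sites such as `// Not HTML-encoded here: the Handlebars template escapes {{Name}}; keep it double-stash.` would keep that invariant visible. A test that renders one of these mails with a name containing `<` and `&` and asserts the HTML part carries each entity exactly once would catch a regression in either direction. The bare positional `false` is also easy to misread; a named argument, `CoreHelpers.SanitizeForEmail(name, htmlEncode: false)` (parameter name as given in the commit description), states what is being switched off. The enclosing methods start and end outside the hunks.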
@@ -1267,7 +1267,7 @@ public async Task SendEmergencyAccessRecoveryRejected(EmergencyAccess emergencyA
 var message = CreateDefaultMessage("Emergency Access Rejected", email);
 var model = new EmergencyAccessRejectedViewModel
 {
- Name = CoreHelpers.SanitizeForEmail(rejectingName),
+ Name = CoreHelpers.SanitizeForEmail(rejectingName, false),
 };
 await AddMessageContentAsync(message, "Auth.EmergencyAccessRejected", model);
 message.Category = "EmergencyAccessRejected";
@@ -1296,7 +1296,7 @@ public async Task SendEmergencyAccessRecoveryTimedOut(EmergencyAccess emergencyA
 var message = CreateDefaultMessage("Emergency Access Granted", email);
 var model = new EmergencyAccessRecoveryTimedOutViewModel
 {
- Name = CoreHelpers.SanitizeForEmail(initiatingName),
+ Name = CoreHelpers.SanitizeForEmail(initiatingName, false),
 Action = emergencyAccess.Type.ToString(),
 };
 await AddMessageContentAsync(message, "Auth.EmergencyAccessRecoveryTimedOut", model);