email cloaking does not work with & in text

[heleneross]

Steps to reproduce the issue

create an email address with an html entity in the text of the anchor

<a href="mailto:somebody@somewhere.com">Fred&amp;Tom@somewhere.com</a>

Expected result

Fred&Tom@somewhere.com

Actual result

Fred&Tom@somewhere.com

System information (as much as possible)

J3.3.3

Additional comments

function convertEncoding($text) in libraries/cms/html/email.php seems to be the culprit as it replaces vowels in the text (and also in the entities).

I did a quick kludge by changing this function to:

protected static function convertEncoding($text)
    {
        $text = html_entity_decode($text);

        // Replace vowels with character encoding
        $text = str_replace('a', 'a', $text);
        $text = str_replace('e', 'e', $text);
        $text = str_replace('i', 'i', $text);
        $text = str_replace('o', 'o', $text);
        $text = str_replace('u', 'u', $text);

        $text = htmlentities($text,ENT_QUOTES,'UTF-8',false);

        return $text;
    }

seems to work but I have probably broken something else!

[n9iels]

Bug confirmed and the suggested fix worked fine for me. I create a PR for this so we can test it and, if everything seems fine, merged it into staging

[infograf768]

Good find! Merged. Thanks.