Ampersand entered in a Form field causes data loss

[GoogleCodeExporter]

To reproduce:

1. Perform a fresh install of Vosao. I have verified that the bug exists in 
0.9.{6,7,8,9}. I haven't verified in trunk.

2. Change the default configuration setting for Site owner email address.

3. Configure the 'feedback' form recipient to a valid email address.

4. Open /about and complete the Name and Email fields as usual.

5. In the Message field, enter some text followed by an ampersand ("&") 
followed by more text. I used "0 1 2 3 4 & 5 6 7 8 9"

6. Click Send.

7. Open the email, once it arrives.

Expected output is an email with the following 'Message' line:

Text:
Message 0 1 2 3 4 & 5 6 7 8 9

HTML:
<tr><td>Message</td><td>0 1 2 3 4 & 5 6 7 8 9</td></tr>

Actual output is an email with the following 'Message' line:

Text:
Message &amp; 5 6 7 8 9

HTML
<tr><td>Message</td><td>&amp;amp; 5 6 7 8 9</td></tr>

The workaround for this is to use the following regex validation:
^[^&]*$

Original issue reported on code.google.com by casee...@gmail.com on 26 Aug 2011 at 7:15

[GoogleCodeExporter]

This issue was closed by revision r1140.

Original comment by kinyelo@gmail.com on 21 Jan 2012 at 4:58

• Changed state: Fixed