On 03/27/2013 08:42 AM, Thomas Bruederli wrote:
I tracked it down to htmlspecialchars() in html::quote() used to quote the value attribute of the subject input field that returns an empty string if invalid characters are in the input.
Confirmed, and this is not PHP 5.4 only.
The best (but very expensive) solution is to run every string through a charset validation function (whatever that might be) in order to verify that it doesn't contain invalid chars. Or maybe we can just do more sanity checks only for messages that do not specify charset information.
We can also:
expensive.