From e67e2cfe059f4021cca94040329a56b0b4bdb4ce Mon Sep 17 00:00:00 2001
From: Chongyi Zheng <git@zcy.dev>
Date: Sun, 9 Feb 2025 04:58:57 -0600
Subject: [PATCH] Ensure emails are sanitized (#2059)

Fixes "incomplete string escaping or encoding" raised by code scanning
---
 web/src/contexts/DraftEmailContext.ts | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/web/src/contexts/DraftEmailContext.ts b/web/src/contexts/DraftEmailContext.ts
index 92536f89c2..854c8937d7 100644
--- a/web/src/contexts/DraftEmailContext.ts
+++ b/web/src/contexts/DraftEmailContext.ts
@@ -270,9 +270,12 @@ const parseAddress = (
   let displayName = ''
   let email = ''
 
-  if (address.includes('<')) {
+  const countSubstring = (str: string, sub: string) => {
+    return str.split(sub).length - 1
+  }
+  if (countSubstring(address, '<') == 1 && countSubstring(address, '>') == 1) {
     displayName = address.split('<')[0].trim()
-    email = address.split('<')[1].replace('>', '').trim()
+    email = address.split('<')[1].replaceAll('>', '').trim()
 
     if (displayName.startsWith('"') && displayName.endsWith('"')) {
       displayName = displayName.slice(1, -1)