fix(linky): encode double quotes when serializing email addresses

Email addresses can (under certain restrictions) include double quote
characters. See http://tools.ietf.org/html/rfc3696#section-3.

For example, `"Jo Bloggs"@abc.com` is a valid email address.

When serializing emails to the `href` attribute of an anchor element,
we must HTML encode these double quote characters. See
http://www.w3.org/TR/html-markup/syntax.html#syntax-attr-double-quoted

This commit does not attempt to improve the functionality (i.e. regex)
that attempts to identify email addresses in a general string.

Closes #8945
Closes #8964
Closes #5946
Closes #10090
Closes #9256

Author: lgalfaso

src/ngSanitize/filter/linky.js

@@ -142,7 +142,7 @@ angular.module('ngSanitize').filter('linky', ['$sanitize', function($sanitize) {
                   '" ');
       }
       html.push('href="',
-                url,
+                url.replace('"', '"'),
                 '">');
       addText(text);
       html.push('</a>');

test/ngSanitize/filter/linkySpec.js

@@ -29,6 +29,10 @@ describe('linky', function() {
       toEqual('my email is &#34;<a href="mailto:me@example.com">me@example.com</a>&#34;');
   });
 
+  it('should handle quotes in the email', function() {
+    expect(linky('foo@"bar.com')).toEqual('<a href="mailto:foo@&#34;bar.com">foo@&#34;bar.com</a>');
+  });
+
   it('should handle target:', function() {
     expect(linky("http://example.com", "_blank")).
       toEqual('<a target="_blank" href="http://example.com">http://example.com</a>');