From 30a3a3528178e1ead0597fbf456fc99e97228b4f Mon Sep 17 00:00:00 2001
From: Shivam Mishra <scm.mymail@gmail.com>
Date: Tue, 8 Jul 2025 09:41:40 +0530
Subject: [PATCH] feat: remove colon and semicolons when sanitizing inbox name
 (#11889)

---
 app/models/inbox.rb       | 2 +-
 spec/models/inbox_spec.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/models/inbox.rb b/app/models/inbox.rb
index 69996707b..1c898ba7f 100644
--- a/app/models/inbox.rb
+++ b/app/models/inbox.rb
@@ -191,7 +191,7 @@ class Inbox < ApplicationRecord
   end
 
   def apply_sanitization_rules(name)
-    name.gsub(/[\\<>@"!#$%&*+=?^`{|}~]/, '')            # Remove forbidden chars
+    name.gsub(/[\\<>@"!#$%&*+=?^`{|}~:;]/, '')         # Remove forbidden chars
         .gsub(/[\x00-\x1F\x7F]/, ' ')                   # Replace control chars with spaces
         .gsub(/\A[[:punct:]]+|[[:punct:]]+\z/, '')      # Remove leading/trailing punctuation
         .gsub(/\s+/, ' ')                               # Normalize spaces
diff --git a/spec/models/inbox_spec.rb b/spec/models/inbox_spec.rb
index e25e87e4d..92fddcd78 100644
--- a/spec/models/inbox_spec.rb
+++ b/spec/models/inbox_spec.rb
@@ -262,7 +262,7 @@ RSpec.describe Inbox do
   describe '#sanitized_name' do
     context 'when inbox name contains forbidden characters' do
       it 'removes forbidden and spam-trigger characters' do
-        inbox = FactoryBot.build(:inbox, name: 'Test/Name\\With<Bad>@Characters"And\'Quotes!#$%')
+        inbox = FactoryBot.build(:inbox, name: 'Test/Name\\With<Bad>@Characters"And\';:Quotes!#$%')
         expect(inbox.sanitized_name).to eq('Test/NameWithBadCharactersAnd\'Quotes')
       end
     end