I had to manually encode the recipient delimiter "+" to "%2B" in a password reset email link because my hunch was the server didn't know how to parse it correctly. I was right. Sigh.
@philrw which service?
@jonn A retail chain chicken sandwich food establishment. Don't know what they use on the backend.
@philrw got it! Probably worth telling them that they can ask FOSS community for help to make sure that everything is secure.
Glitches and security issues come hand in hand, as #ctf competitions (and real life) teach us.
@jonn Yeah, I tried to use their website contact form and it's broken, too. Double sigh.
A private server for R±W family and friends.