Make e-mail sanity check more precise (#20991)
For security reasons, all e-mail addresses starting with non-alphanumeric characters were rejected. This is too broad and rejects perfectly valid e-mail addresses. Only leading hyphens should be rejected -- in all other cases e-mail address specification should follow RFC 5322. Co-authored-by: Andreas Fischer <_@ndreas.de> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This commit is contained in:
parent
b5a54f03a2
commit
9862936ed3
2 changed files with 21 additions and 20 deletions
|
@ -41,6 +41,7 @@ func (err ErrEmailCharIsNotSupported) Error() string {
|
||||||
}
|
}
|
||||||
|
|
||||||
// ErrEmailInvalid represents an error where the email address does not comply with RFC 5322
|
// ErrEmailInvalid represents an error where the email address does not comply with RFC 5322
|
||||||
|
// or has a leading '-' character
|
||||||
type ErrEmailInvalid struct {
|
type ErrEmailInvalid struct {
|
||||||
Email string
|
Email string
|
||||||
}
|
}
|
||||||
|
@ -134,9 +135,7 @@ func ValidateEmail(email string) error {
|
||||||
return ErrEmailCharIsNotSupported{email}
|
return ErrEmailCharIsNotSupported{email}
|
||||||
}
|
}
|
||||||
|
|
||||||
if !(email[0] >= 'a' && email[0] <= 'z') &&
|
if email[0] == '-' {
|
||||||
!(email[0] >= 'A' && email[0] <= 'Z') &&
|
|
||||||
!(email[0] >= '0' && email[0] <= '9') {
|
|
||||||
return ErrEmailInvalid{email}
|
return ErrEmailInvalid{email}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -281,23 +281,25 @@ func TestEmailAddressValidate(t *testing.T) {
|
||||||
`first~last@iana.org`: nil,
|
`first~last@iana.org`: nil,
|
||||||
`first;last@iana.org`: user_model.ErrEmailCharIsNotSupported{`first;last@iana.org`},
|
`first;last@iana.org`: user_model.ErrEmailCharIsNotSupported{`first;last@iana.org`},
|
||||||
".233@qq.com": user_model.ErrEmailInvalid{".233@qq.com"},
|
".233@qq.com": user_model.ErrEmailInvalid{".233@qq.com"},
|
||||||
"!233@qq.com": user_model.ErrEmailInvalid{"!233@qq.com"},
|
"!233@qq.com": nil,
|
||||||
"#233@qq.com": user_model.ErrEmailInvalid{"#233@qq.com"},
|
"#233@qq.com": nil,
|
||||||
"$233@qq.com": user_model.ErrEmailInvalid{"$233@qq.com"},
|
"$233@qq.com": nil,
|
||||||
"%233@qq.com": user_model.ErrEmailInvalid{"%233@qq.com"},
|
"%233@qq.com": nil,
|
||||||
"&233@qq.com": user_model.ErrEmailInvalid{"&233@qq.com"},
|
"&233@qq.com": nil,
|
||||||
"'233@qq.com": user_model.ErrEmailInvalid{"'233@qq.com"},
|
"'233@qq.com": nil,
|
||||||
"*233@qq.com": user_model.ErrEmailInvalid{"*233@qq.com"},
|
"*233@qq.com": nil,
|
||||||
"+233@qq.com": user_model.ErrEmailInvalid{"+233@qq.com"},
|
"+233@qq.com": nil,
|
||||||
"/233@qq.com": user_model.ErrEmailInvalid{"/233@qq.com"},
|
"-233@qq.com": user_model.ErrEmailInvalid{"-233@qq.com"},
|
||||||
"=233@qq.com": user_model.ErrEmailInvalid{"=233@qq.com"},
|
"/233@qq.com": nil,
|
||||||
"?233@qq.com": user_model.ErrEmailInvalid{"?233@qq.com"},
|
"=233@qq.com": nil,
|
||||||
"^233@qq.com": user_model.ErrEmailInvalid{"^233@qq.com"},
|
"?233@qq.com": nil,
|
||||||
"`233@qq.com": user_model.ErrEmailInvalid{"`233@qq.com"},
|
"^233@qq.com": nil,
|
||||||
"{233@qq.com": user_model.ErrEmailInvalid{"{233@qq.com"},
|
"_233@qq.com": nil,
|
||||||
"|233@qq.com": user_model.ErrEmailInvalid{"|233@qq.com"},
|
"`233@qq.com": nil,
|
||||||
"}233@qq.com": user_model.ErrEmailInvalid{"}233@qq.com"},
|
"{233@qq.com": nil,
|
||||||
"~233@qq.com": user_model.ErrEmailInvalid{"~233@qq.com"},
|
"|233@qq.com": nil,
|
||||||
|
"}233@qq.com": nil,
|
||||||
|
"~233@qq.com": nil,
|
||||||
";233@qq.com": user_model.ErrEmailCharIsNotSupported{";233@qq.com"},
|
";233@qq.com": user_model.ErrEmailCharIsNotSupported{";233@qq.com"},
|
||||||
"Foo <foo@bar.com>": user_model.ErrEmailCharIsNotSupported{"Foo <foo@bar.com>"},
|
"Foo <foo@bar.com>": user_model.ErrEmailCharIsNotSupported{"Foo <foo@bar.com>"},
|
||||||
string([]byte{0xE2, 0x84, 0xAA}): user_model.ErrEmailCharIsNotSupported{string([]byte{0xE2, 0x84, 0xAA})},
|
string([]byte{0xE2, 0x84, 0xAA}): user_model.ErrEmailCharIsNotSupported{string([]byte{0xE2, 0x84, 0xAA})},
|
||||||
|
|
Reference in a new issue