Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate recipient email addresses to prevent invalid ending characters #8020

Merged
merged 2 commits into from
Jul 30, 2024
Merged

Validate recipient email addresses to prevent invalid ending characters #8020

merged 2 commits into from
Jul 30, 2024

Conversation

mhf1998
Copy link
Contributor

@mhf1998 mhf1998 commented Jul 22, 2024

Fixes #7112

  • Added a regular expression pattern to identify and invalidate email addresses that end with specific invalid characters.
  • The validation logic was incorporated into the isValidEmail method, ensuring that any email address ending with characters such as /, ?, =, +, &, ^, %, $, #, !, ', and - is correctly flagged as invalid. (I checked and all the special characters that led to the repeating of this bug scenario were just these.)
  • Improved error handling, and show an error when the focus is changed from the To, CC, and BCC fields; instead of showing the error after sending the email.

image

@mhf1998 mhf1998 requested review from cketti and wmontwe as code owners July 22, 2024 22:01
@cketti cketti self-assigned this Jul 23, 2024
cketti
cketti requested changes Jul 23, 2024
View reviewed changes
Copy link
Member

@cketti cketti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add an additional (in)validity check for the domain part to UserInputEmailAddressParser and add relevant tests to UserInputEmailAddressParserTest.

Side note: This doesn't fix the underlying problem of us (indirectly) using Rfc822Tokenizer which is a bad fit for the job. However, it does improve the current situation a little bit.

@mhf1998 mhf1998 force-pushed the Hotfix-7112 branch 2 times, most recently from 61a4b6e to ab5d639 Compare July 24, 2024 01:10
@mhf1998
Copy link
Contributor Author

mhf1998 commented Jul 24, 2024
edited
Loading

@cketti
I have implemented everything you asked for. Now, the domain is correctly validated by the use of the function you mentioned, and even if the last character of the email is wrong, that is caught as well, and the relevant error is displayed.
Moreover, all tests have been written and added to the class.

@mhf1998 mhf1998 requested a review from cketti July 24, 2024 01:18
@mhf1998
Copy link
Contributor Author

mhf1998 commented Jul 30, 2024

@cketti
I have implemented everything you asked for. Done.

@mhf1998 mhf1998 requested a review from cketti July 30, 2024 12:21
@cketti cketti merged commit e85cc09 into thunderbird:main Jul 30, 2024
2 checks passed
@cketti
Copy link
Member

cketti commented Jul 30, 2024

Thanks 👍

@mhf1998
Copy link
Contributor Author

mhf1998 commented Jul 30, 2024

You're welcome.
It's an honor to collaborate on this project. ☺️
Thank you for taking the time to review and respond.🙏🏻

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cketti cketti cketti approved these changes

@wmontwe wmontwe Awaiting requested review from wmontwe wmontwe is a code owner

Assignees

@cketti cketti

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

The recipient address <[email protected]/> is not a valid RFC-5321 address.
2 participants
@mhf1998 @cketti