From: Aston M. <as...@ge...> - 2009-10-21 19:06:03
Hey Alexander,

That regular expression passes for a username like "a@b" where the old regex didn't. It also has nested repeat matching (+ inside of *) which can be dangerous (see http://www.djangoproject.com/weblog/2009/oct/09/security/ ). Check out the performance of your regex on a string like "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@"!

- Aston

On Wed, Oct 21, 2009 at 11:04 AM, Alexander Fairley < ale...@gm...> wrote:

> Hey guys,
>
> I was reading along with rfc3696 to get a handle on email validation, and I
> noticed that it says that trailing, leading and doubled dots in the local
> part of the email are to be considered invalid. As of 1.2.2 formencode
> thinks things such as "alexander.fairley.@gmail.com" are valid. I believe
> that the following patch will resolve this issue. I'll do a little testing
> later, but I wanted to send this out and find out what I should do w.r.t.
> getting it upstream. I looked to see if there was a bug on this, the
> closest I found was
>
> http://sourceforge.net/tracker/index.php?func=detail&aid=2581271&group_id=91231&atid=596416
> This patch should address the . issues, but not the umlaut fun time issues.
>
> Cheers,
>
> Alex
>
> Index: formencode/validators.py > =================================================================== > --- formencode/validators.py (revision 4045) > +++ formencode/validators.py (working copy) 
> @@ -1301,7 +1301,7 @@ > > resolve_domain = False > > - usernameRE = re.compile(r"^[^ \t\n\r@<>()]+$", re.I) > + usernameRE = re.compile(r"^[^ \t\n\r@<>().]+((.)?[^ \t\n\r@<>().]+)*$", > re.I) > domainRE = re.compile(r''' > ^(?:[a-z0-9][a-z0-9\-]{0,62}\.)+ # (sub)domain - alpha followed by > 62max chars (63 total) > [a-z]{2,}$
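
Review bot: In the `+ usernameRE` line, `(.)?` is an unescaped and optional dot, so it matches any single character instead of a literal ".". That lets one otherwise excluded character through between runs (the reply's "a@b" passes), and because the group also matches with the dot absent, `[^ \t\n\r@<>().]+((.)?[^ \t\n\r@<>().]+)*` can split the same run of characters in many ways, which is the `+` inside `*` nesting the reply warns about. Suggest a mandatory escaped dot in the group, e.g. `(\.[^ \t\n\r@<>().]+)*`, plus test cases for leading, trailing and doubled dots and for a long non-matching input.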
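
Added example (not part of the original thread and not FormEncode's code): the old and patched patterns from the diff, run against the inputs named in the two messages, with the time taken to reject shortened versions of Aston's probe string. `STRICT` is an assumed alternative with the dot escaped and mandatory, and the helper names are illustrative.

```python
import re
import time

# Patterns copied from the diff in the quoted message.
OLD = re.compile(r"^[^ \t\n\r@<>()]+$", re.I)
PATCHED = re.compile(r"^[^ \t\n\r@<>().]+((.)?[^ \t\n\r@<>().]+)*$", re.I)
# Assumption (not from the thread): a literal, mandatory dot between runs,
# so each input can be split into dot-separated runs in only one way.
STRICT = re.compile(r"^[^ \t\n\r@<>().]+(?:\.[^ \t\n\r@<>().]+)*$", re.I)

PATTERNS = {"old": OLD, "patched": PATCHED, "strict": STRICT}


def accepts(pattern, local_part):
    """True if the pattern accepts the string as an email local part."""
    return pattern.match(local_part) is not None


def seconds_to_reject(pattern, n):
    """Time one failed match on n 'a' characters followed by '@'."""
    probe = "a" * n + "@"
    start = time.perf_counter()
    matched = pattern.match(probe)
    elapsed = time.perf_counter() - start
    if matched is not None:
        raise ValueError("probe was expected to be rejected")
    return elapsed


def growth(pattern, sizes=(8, 10, 12, 14)):
    """Rejection time per probe length; kept short so the run stays quick."""
    return [(n, seconds_to_reject(pattern, n)) for n in sizes]


if __name__ == "__main__":
    # Constructed samples: the strings quoted in the thread plus dot edge cases.
    samples = ["alexander.fairley", "alexander.fairley.", ".alex", "a..b", "a@b", "a b"]
    for sample in samples:
        verdicts = {name: accepts(p, sample) for name, p in PATTERNS.items()}
        print(f"{sample!r:22} {verdicts}")
    for name in ("patched", "strict"):
        timings = ", ".join(f"n={n}: {t:.6f}s" for n, t in growth(PATTERNS[name]))
        print(f"{name:8} {timings}")
```

The patched pattern's rejection time multiplies with every extra character while the strict one stays flat, so keep the probe lengths small when running this.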