WordPress.org

Make WordPress Core

Opened 11 months ago

Last modified 3 months ago

#24487 new defect (bug)

is_email() does not recognize IDN domains

Reported by: OlegCorner Owned by:
Milestone: Future Release Priority: normal
Severity: minor Version: 3.5.1
Component: Formatting Keywords: has-patch
Focuses: Cc:

Description (last modified by SergeyBiryukov)

Insufficient validation of the domain name in function is_email of wp-includes/formatting.php.
WordPress 3.5.1 > , including trunk.
Test for invalid characters does not test Unicode symbols in international domain, such as Cyrillic domains and other Unicode domains.

Attachments (2)

24487_3.5.1.patch (364 bytes) - added by OlegCorner 11 months ago.
24487_trunk.patch (497 bytes) - added by OlegCorner 11 months ago.

Download all attachments as: .zip

Change History (4)

OlegCorner11 months ago

OlegCorner11 months ago

comment:1 SergeyBiryukov10 months ago

  • Description modified (diff)
  • Summary changed from Insufficient validation of the domain name in wp-includes/formatting.php to is_email() does not recognize IDN domains

Related: #17491

comment:2 nacin3 months ago

  • Milestone changed from Awaiting Review to Future Release

Hi OlegCorner. We had quite a bit of "fun" with \P{L}, as it is possible to compile PCRE without Unicode support. See #22692. Not sure what to do here, though it does seem to be possible to check for this support with a separate check, then allow IDN domains through if so. Or, there might be another way to check for this.

Note: See TracTickets for help on using tickets.