Make WordPress Core

Opened 10 years ago

Last modified 4 years ago

#27270 new defect (bug)

Validation for leading/trailing periods, or consecutive periods in email addresses is only done on the domain section

Reported by: scruffian's profile scruffian Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.7
Component: Formatting Keywords: has-patch is-email has-unit-tests
Focuses: Cc:

Description

WordPress valids that the domain portion of the email address (after the @) doesn't have leading or trailing periods, or more than one period consecutively, but the same check isn't done on the portion before the @. This means that the following email addresses validate:

.name@…
name.@…
first..last@…

The attached patch will resolve this, although it might need a little refactoring to deal with the duplication in trimming periods and whitespace.

Attachments (2)

email_validation.patch (963 bytes) - added by scruffian 10 years ago.
Email validation patch
27270.patch (1.8 KB) - added by jared_smith 9 years ago.
Updated patch and unit test

Download all attachments as: .zip

Change History (12)

@scruffian
10 years ago

Email validation patch

#1 @johnbillion
10 years ago

  • Keywords 2nd-opinion added

Consecutive periods are perfectly valid in the local part of an email address. I'm unsure about leading and trailing periods though.

#2 @johnbillion
10 years ago

  • Keywords needs-unit-tests added

#3 @scruffian
10 years ago

I don't think so. <a href="http://tools.ietf.org/html/rfc3696#page-5">The spec</a> says:

"period (".") may also appear, but may not be used to start or end the local part, nor may two or more consecutive periods appear."

Version 0, edited 10 years ago by scruffian (next)

#4 @johnbillion
10 years ago

Ah, I stand corrected. That's interesting because I have an address that I use in Gmail which contains three consecutive periods.

More email validation fun: https://core.trac.wordpress.org/search?q=is_email&ticket=on

#5 @scruffian
10 years ago

Weird. I wonder if Gmail uses the quoted string syntax to get past these rules? (http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses).

Just a theory...

#6 @SergeyBiryukov
10 years ago

  • Component changed from General to Mail

Related: #17491, #17678, #21730, #25108.

#7 @johnbillion
10 years ago

  • Keywords has-patch added; 2nd-opinion removed
  • Version changed from trunk to 2.7

@jared_smith
9 years ago

Updated patch and unit test

#8 @jared_smith
9 years ago

  • Keywords needs-unit-tests removed

I've tested the patch, and it works as advertised. I've re-rolled the patch (to make sure it applies cleanly to trunk, and to be a little more verbose in the comments), and updated the unit test as well.

I think this is ready to be committed.

#9 @miqrogroove
8 years ago

  • Component changed from Mail to Formatting
  • Keywords is-email added

#10 @jared_smith
8 years ago

  • Keywords has-unit-tests added

This patch still applies -- can we try to get this in for the 4.5 release?

Also, by way of answering John's question about why it works in Gmail, they have a page that explains that they ignore all periods in the user part of email: https://support.google.com/mail/answer/10313?hl=en

Note: See TracTickets for help on using tickets.