Issue Details (XML | Word | Printable)

Key: VALIDATOR-190
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Minor Minor
Assignee: Niall Pemberton
Reporter: Cott Lang
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
Commons Validator

EmailValidator allows control characters (ASCII 0-31)

Created: 01/Jun/06 11:48 PM   Updated: 12/Nov/07 07:25 PM
Return to search
Component/s: Routines
Affects Version/s: 1.3.0 Release
Fix Version/s: 1.3.1 Release

Time Tracking:
Not Specified

File Attachments:
  File Name Date Attached Attached By Size
Text File Licensed for inclusion in ASF works EmailTest-diff.txt 2006-06-11 02:55 AM Gabriel Belingueres 7 kB
Text File Licensed for inclusion in ASF works EmailValidator-diff.txt 2006-06-11 02:55 AM Gabriel Belingueres 2 kB

Resolution Date: 23/Nov/06 01:15 PM


 Description  « Hide
EmailValidator allows ASCII 0 - 31 in an email address.

According to RFC 821, these are forbidden.

import org.apache.commons.validator.EmailValidator;

public class Test {

public static void main(String[] args) { EmailValidator ev = EmailValidator.getInstance(); String email ="\000nobody@nowhere.com"; System.err.println(ev.isValid(email)); }

}

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Gabriel Belingueres added a comment - 02/Jun/06 11:08 AM
Hi,

RFC 821 is obsoleted by RFC 2821
.
I found this one on the net what may be worth looking: RFC 2822 (Internet Message format) and RFC 2234 (Augmented BNF).

However it may well be a lot easier to post a question on the Apache Web server list.

Gabriel


[ Permlink | « Hide ]
Cott Lang added a comment - 02/Jun/06 11:40 AM
I read RFC 2821 and RFC 2822 as also forbidding control characters in email addresses as well. Maybe I'm just delusional after an exceptionally long week?

[ Permlink | « Hide ]
Gabriel Belingueres added a comment - 04/Jun/06 12:28 PM
Hi Cott,

I found this other link on the net that may be helpful. Apparently, there are some more chars that should be forbidden/discouraged to use in the local part of the email address.

It may be worth take a look at it: http://www.remote.org/jochen/mail/info/chars.html

Gabriel


[ Permlink | « Hide ]
Gabriel Belingueres added a comment - 11/Jun/06 02:55 AM
Hi,

I'm uploading the patch files that would solve the issue (ie not allowing ASCII 0..31 in the local part of the email address), along with a test case.

Gabriel


[ Permlink | « Hide ]
Niall Pemberton added a comment - 23/Nov/06 01:15 PM
I applied a slightly different change since any valid ASCII character is allowed if its quoted - so I changed the excluded "special characters" which are used to define atom/word to also exclude ascii control characters (ASCII 0-31 and 127).

http://svn.apache.org/viewvc?view=rev&revision=478560

You can test out the changes using the next nightly build:
http://people.apache.org/builds/jakarta-commons/nightly/commons-validator/

Thanks for reporting this and your help!

Niall
Powered by a free Atlassian JIRA open source license for Apache Software Foundation. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.2-#335) - Bug/feature request - Atlassian news - Contact Administrators