luckyimnotanigger/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-06-24 18:10:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

feat: relax email requirements (#7829)

Browse source 
The current email restrictions were put in place because of a security issue with sendmail (https://github.com/go-gitea/gitea/pull/17688). Remove this restriction and instead ensure that this security issue cannot happen with sendmail.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7829
Reviewed-by: Ellen Εμιλία Άννα Zscheile <fogti@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: famfo <famfo@famfo.xyz>
Co-committed-by: famfo <famfo@famfo.xyz>
This commit is contained in:
famfo 2025-05-22 12:20:25 +02:00 committed by Gusted
parent de1adf224d
commit dda37e86bd
11 changed files with 45 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

27
modules/validation/email.go
View file

@ -8,7 +8,6 @@ package validation
import (
"fmt"
"net/mail"
"regexp"
"strings"
"forgejo.org/modules/setting"
@ -20,21 +19,6 @@ import (
// ErrEmailNotActivated e-mail address has not been activated error
var ErrEmailNotActivated = util.NewInvalidArgumentErrorf("e-mail address has not been activated")
// ErrEmailCharIsNotSupported e-mail address contains unsupported character
type ErrEmailCharIsNotSupported struct {
Email string
}
// IsErrEmailCharIsNotSupported checks if an error is an ErrEmailCharIsNotSupported
func IsErrEmailCharIsNotSupported(err error) bool {
_, ok := err.(ErrEmailCharIsNotSupported)
return ok
}
func (err ErrEmailCharIsNotSupported) Error() string {
return fmt.Sprintf("e-mail address contains unsupported character [email: %s]", err.Email)
}
// ErrEmailInvalid represents an error where the email address does not comply with RFC 5322
// or has a leading '-' character
type ErrEmailInvalid struct {
@ -55,8 +39,6 @@ func (err ErrEmailInvalid) Unwrap() error {
return util.ErrInvalidArgument
}
var emailRegexp = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+-/=?^_`{|}~]*@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
// check if email is a valid address with allowed domain
func ValidateEmail(email string) error {
if err := validateEmailBasic(email); err != nil {
@ -77,15 +59,12 @@ func validateEmailBasic(email string) error {
return ErrEmailInvalid{email}
}
if !emailRegexp.MatchString(email) {
return ErrEmailCharIsNotSupported{email}
}
if email[0] == '-' {
parsedAddress, err := mail.ParseAddress(email)
if err != nil {
return ErrEmailInvalid{email}
}
if _, err := mail.ParseAddress(email); err != nil {
if parsedAddress.Name != "" {
return ErrEmailInvalid{email}
}

11
modules/validation/email_test.go
View file

@ -35,7 +35,7 @@ func TestEmailAddressValidate(t *testing.T) {
`first|last@iana.org`: nil,
`first}last@iana.org`: nil,
`first~last@iana.org`: nil,
`first;last@iana.org`: ErrEmailCharIsNotSupported{`first;last@iana.org`},
`first;last@iana.org`: ErrEmailInvalid{`first;last@iana.org`},
".233@qq.com": ErrEmailInvalid{".233@qq.com"},
"!233@qq.com": nil,
"#233@qq.com": nil,
@ -45,7 +45,7 @@ func TestEmailAddressValidate(t *testing.T) {
"'233@qq.com": nil,
"*233@qq.com": nil,
"+233@qq.com": nil,
"-233@qq.com": ErrEmailInvalid{"-233@qq.com"},
"-233@qq.com": nil,
"/233@qq.com": nil,
"=233@qq.com": nil,
"?233@qq.com": nil,
@ -56,9 +56,10 @@ func TestEmailAddressValidate(t *testing.T) {
"|233@qq.com": nil,
"}233@qq.com": nil,
"~233@qq.com": nil,
";233@qq.com": ErrEmailCharIsNotSupported{";233@qq.com"},
"Foo <foo@bar.com>": ErrEmailCharIsNotSupported{"Foo <foo@bar.com>"},
string([]byte{0xE2, 0x84, 0xAA}): ErrEmailCharIsNotSupported{string([]byte{0xE2, 0x84, 0xAA})},
"\"~@ \"@famfo.xyz": nil,
"Foo <foo@bar.com>": ErrEmailInvalid{"Foo <foo@bar.com>"},
";233@qq.com": ErrEmailInvalid{";233@qq.com"},
string([]byte{0xE2, 0x84, 0xAA}): ErrEmailInvalid{string([]byte{0xE2, 0x84, 0xAA})},
}
for kase, err := range kases {
t.Run(kase, func(t *testing.T) {