Subject: Developers of Sympa
List archive
Re: [sympa-dev] Sympa does not seem to support "&" in peoples email
- From: David Verdin <address@concealed>
- To: Chris Andrews <address@concealed>
- Cc: "address@concealed" <address@concealed>
- Subject: Re: [sympa-dev] Sympa does not seem to support "&" in peoples email
- Date: Tue, 15 Jan 2008 13:52:20 +0100
Hi chris,
You're absolutely right about the ampersand. I added it to the regexp in the development version.
However, about the length of the "valid_email" sub, one should note that it is two different thing to validate a string against a regexp and firmly forbid some characters which - though authorized by the RFC 2822 - are a potential source of threat.
On the other hand, the regexp will evolve along the time. Keeping the second control prevent us from introducing such a character by mistake.
Regards,
Chris Andrews a écrit :
This is from tools.pl
This sub is what checks to make sure the email is valid. I added the
"Regexp" and "Forbidden characters" part because I need to be able to tell
the difference in the logs.
sub valid_email {
my $email = shift;
unless ($email =~ /^$regexp{'email'}$/) {
do_log('err', "Invalid email address '%s' Regexp", $email);
return undef;
}
## Forbidden characters
if ($email =~ /[\|\$\*\?\!]/) {
do_log('err', "Invalid email address '%s' Forbidden characters",
$email);
return undef;
}
return 1;
}
The regexp{'email'} is set with this line:
my %regexp = ('email' =>
'([\w\-\_\.\/\+\=\']+|\".*\")\@[\w\-]+(\.[\w\-]+)+',
I changed the line to (adding \&):
my %regexp = ('email' =>
'([\w\-\_\.\/\+\=\'\&]+|\".*\")\@[\w\-]+(\.[\w\-]+)+',
I restart the web and server procs and now I can subscribe, unsubscribe send
messages, etc. email addresses with "&" in them. Are there any places in
Sympa that could choke on this & char?
Also, couldn't the "sub valid_email" be shortened, as the regexp pretty much
assures us that the invalid chars cannot be put into email addresses.
sub valid_email {
my $email = shift;
unless ($email =~ /^$regexp{'email'}$/) {
do_log('err', "Invalid email address '%s'", $email);
return undef;
}
return 1;
}
I can put in a bug if you guys thin this is a good idea.
---
Chris Andrews
Boston College
Collaboration Team
--
David Verdin
Comité réseau des universités
-
[sympa-dev] Sympa does not seem to support "&" in peoples email addresses,
Chris Andrews, 01/14/2008
-
Re: [sympa-dev] Sympa does not seem to support "&" in peoples email,
David Verdin, 01/15/2008
- RE: [sympa-dev] Sympa does not seem to support "&" in peoples, Chris Andrews, 01/15/2008
-
Re: [sympa-dev] Sympa does not seem to support "&" in peoples email,
David Verdin, 01/15/2008
Archive powered by MHonArc 2.6.19+.