Page MenuHomePhabricator
Create Task
Maniphest T150394

Improve MediaWiki email validation
Open, Needs TriagePublic
Actions

Description

Frankly, it sucks. I know for full RFC validation, it's quite complex, and maybe overkill, but what we have now is too simplified:

In T150337#2783166, @Etonkovidova wrote:

Just checked how the email address change is handled now:
(1) An email is sent to the old email address to inform a user about changes in the email address.
(2) When a user adds email address in Special:ChangeEmail, the validation for the email address is checks for limited number of options:
e.g. typing 11111 and clicking 'Change email'
Please include '@'in the email address. [user email] is missing an '@'.

But 11@111 or '2345'@1 are considered valid email addresses.

It might be worth to improve the validation of email addresses https://tools.ietf.org/html/rfc1035#section-2.3.1 and https://tools.ietf.org/html/rfc5322#section-3.4.

Related Objects

Event Timeline

Reedy created this task.Nov 10 2016, 12:29 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 10 2016, 12:29 AM
Aklapper added a comment.Nov 10 2016, 3:44 PM

As I already wrote in T150337, 11@111 is a perfectly valid email address, and if there was some kind of "validation" implemented that would turn this into an inacceptable email address that implementation would have to make sure that "validation" is optional.

MZMcBride subscribed.Nov 22 2016, 3:17 AM
spatton subscribed.Oct 23 2019, 1:31 PM
Pcoombe mentioned this in T240887: Email input accepts invalid email address.Dec 16 2019, 7:27 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits