dojox.validate.regexp.emailAddress allowing bad emails

[sgourley]

[email protected] is validating to true.

<input id="txt_name" type="text" name="email" value="" style="width: 250px;"

dojotype="dijit.form.ValidationTextBox?" regexpgen="dojox.validate.regexp.emailAddress" required="true" invalidmessage="Invalid Email Address." />

[dante]

afaik, [email protected] is a valid email address (as per the spec). There is nothing stating an email address requires a TLD. Perhaps this could be put in as an option, but generally speaking: .*@.* is valid

[Adam Peller]

plus, I think we stopped restricting tlds now that iana has opened up tld registration.

[jow]

A FQDN does need to be more than a single token. Otherwise it is unqualified.

The email address validator uses the web.host validation regex.

My reading of the code suggests that if "allowNamed=false" and "allowLocal=false", then it should NOT accept "b" as a host name.

Even with allowLocal and allowNamed set to false, the regex for host does not require both a host AND a tld.

Don't know how to submit a patch, but the change is from "*" to "+" in line 111 (follows)

var hostNameRE = "((?:" + domainLabelRE + "
.)*" + domainNameRE + "
.?)";

should be

var hostNameRE = "((?:" + domainLabelRE + "
.)+" + domainNameRE + "
.?)";

[jow]

Wanted to be sure I wasn't full of it, so I checked the RFC

​http://tools.ietf.org/html/rfc2821#section-2.3.5

It says a local alias (vs. a FQDN) must NOT appear in an SMTP transaction.

I hope this is helpful.

[Adam Peller]

see #9926 for example

[Adam Peller]

Fixed in [20703] Thanks, jow