[jira] [Commented] (VALIDATOR-487) EmailValidator validates too much

Wed, 10 Apr 2024 02:43:05 -0700 


    [ 
https://issues.apache.org/jira/browse/VALIDATOR-487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17835667#comment-17835667
 ] 

Olivier Jaquemet commented on VALIDATOR-487:
--------------------------------------------

Hello everyone,

I'm not an expert on this either, so bear with me 😅 

It seems to me that most users of the Apaches Common Validators API expect 
email to be validated against the "classic" RFC, which does not seems to allow 
non-ascii characters in the local part. (even though I may not have interpreted 
the complex RFC correctly... 
[https://datatracker.ietf.org/doc/html/rfc2822#section-3.4.1,] 
[https://datatracker.ietf.org/doc/html/rfc5322#section-3.4.1)|https://datatracker.ietf.org/doc/html/rfc5322#section-3.4.1]

 

So I think this bug should be considered for fix.

 

For comparison, the Java library 
[com.github.bbottema:emailaddress-rfc2822|[https://github.com/bbottema/email-rfc2822-validator]]
 refuses non ASCCI char in all its validation mode : 

 
{noformat}
др.живаго@example.com
 EmailValidator.isValid(...) -  
https://commons.apache.org/proper/commons-validator/
  default                        : true
  allowLocal=true                : true
  allowLocal=true, allowTld=true : true
 EmailAddressValidator.isValid(...) -  
https://github.com/bbottema/email-rfc2822-validator
  default                        : false
  recommended                    : false
  rfc compliant                  : false
  allow all (but domain literal) : false
  ALLOW_DOMAIN_LITERALS          : false
 
pré[email protected]
 EmailValidator.isValid(...) -  
https://commons.apache.org/proper/commons-validator/
  default                        : true
  allowLocal=true                : true
  allowLocal=true, allowTld=true : true
 EmailAddressValidator.isValid(...) -  
https://github.com/bbottema/email-rfc2822-validator
  default                        : false
  recommended                    : false
  rfc compliant                  : false
  allow all (but domain literal) : false
  ALLOW_DOMAIN_LITERALS          : false
{noformat}
 

Source of demonstration code : 

 
{noformat}
import org.apache.commons.validator.routines.EmailValidator;
import org.hazlewood.connor.bottema.emailaddress.EmailAddressCriteria;
import org.hazlewood.connor.bottema.emailaddress.EmailAddressValidator;
public class TestMailValid {
  public static void main(String[] args) {
    logMailIsValid("др.живаго@example.com");
    logMailIsValid("pré[email protected]");
  }
  public static void logMailIsValid(String emailaddress) {
    System.out.println(emailaddress);
    System.out.println(" EmailValidator.isValid(...) -  
https://commons.apache.org/proper/commons-validator/";);
    System.out.println("  default                        : " + 
EmailValidator.getInstance().isValid(emailaddress));
    System.out.println("  allowLocal=true                : " + 
EmailValidator.getInstance(true).isValid(emailaddress));
    System.out.println("  allowLocal=true, allowTld=true : " + 
EmailValidator.getInstance(true, true).isValid(emailaddress));
    System.out.println("");
    System.out.println(" EmailAddressValidator.isValid(...) -  
https://github.com/bbottema/email-rfc2822-validator";);
    System.out.println("  default                        : 
"+EmailAddressValidator.isValid(emailaddress));
    System.out.println("  recommended                    : 
"+EmailAddressValidator.isValid(emailaddress, 
EmailAddressCriteria.RECOMMENDED));
    System.out.println("  rfc compliant                  : 
"+EmailAddressValidator.isValid(emailaddress, 
EmailAddressCriteria.RFC_COMPLIANT));
    System.out.println("  allow all (but domain literal) : 
"+EmailAddressValidator.isValid(emailaddress, 
EnumSet.of(EmailAddressCriteria.ALLOW_DOT_IN_A_TEXT, 
EmailAddressCriteria.ALLOW_SQUARE_BRACKETS_IN_A_TEXT, 
EmailAddressCriteria.ALLOW_PARENS_IN_LOCALPART, 
EmailAddressCriteria.ALLOW_QUOTED_IDENTIFIERS)));
    System.out.println("  ALLOW_DOMAIN_LITERALS          : 
"+EmailAddressValidator.isValid(emailaddress, 
EnumSet.of(EmailAddressCriteria.ALLOW_DOMAIN_LITERALS)));
    System.out.println("");
  }
}
{noformat}
 

> EmailValidator validates too much
> ---------------------------------
>
>                 Key: VALIDATOR-487
>                 URL: https://issues.apache.org/jira/browse/VALIDATOR-487
>             Project: Commons Validator
>          Issue Type: Bug
>    Affects Versions: 1.6
>            Reporter: Michael Osipov
>            Priority: Major
>
> Coming from https://github.com/everit-org/json-schema which uses 
> {{EMailValidator}} to validate JSON schema type:
> {noformat}
> {
> "type": "string",
> "format": "email"
> }
> {noformat}
> The problem is that the following email is returned as valid although 
> according to rfc5321#section-4.1.2 local-part/dot-string/atom/atext 
> (https://mailarchive.ietf.org/arch/msg/ietf-smtp/QlSTxHlY6cP6_Xwl6CpDvL5PQLo/)
>  it must only contain ASCII printable chars:
> {{др.живаго@example.com}}.
> I'd expect that one could validate standard addresses and IDN ones.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to