emails: disallow names ending with a period.

Update email validation rules to disallow the percent character (e.g. `foo%bar@gmail.com`) and names ending with a period (e.g. `foo.@gmail.com`). Names ending with a period are invalid according to the RFCs and cause `Mail::Address.new` to raise an exception. The percent character is technically legal, but only one email used it and it was probably a typo.
2022-10-17 21:32:27 -05:00
parent e31977ac29
commit 873c67db58
3 changed files with 8 additions and 3 deletions
--- a/script/fixes/117_fix_invalid_emails.rb
+++ b/script/fixes/117_fix_invalid_emails.rb
@@ -3,7 +3,7 @@
 require_relative "base"

 with_confirmation do
-  emails = EmailAddress.where_not_regex(:address, '^[a-zA-Z0-9._%+-]+@([a-zA-Z0-9][a-zA-Z0-9-]{0,61}\.)+[a-zA-Z]{2,}$') # invalid emails
+  emails = EmailAddress.where_not_regex(:address, '^[a-zA-Z0-9._+-]*[a-zA-Z0-9_+-]@([a-zA-Z0-9][a-zA-Z0-9-]{0,61}\.)+[a-zA-Z]{2,}$') # invalid emails

  emails.find_each do |email|
    old_address = email.address
@@ -15,6 +15,9 @@ with_confirmation do
    # foo,bar@gmail.com -> foo.bar@gmail.com | @gmail,com -> @gmail.com
    address = address.gsub(/,/, ".")

+    address = address.gsub(/\.+@/, "@") # foo.@gmail.com -> foo@gmail.com
+    address = address.gsub(/%/, "") # foo%@gmail.com -> foo@gmail.com
+
    address = address.gsub(/[\\\/]$/, '') # @qq.com\ -> @qq.com, @web.de/ -> @web.de
    address = address.gsub(/^https?:\/\/(www\.)?/i, "") # https://xxx@gmail.com -> xxx@gmail.com
    address = address.gsub(/^mailto:/i, "") # mailto:foo@gmail.com -> foo@gmail.com
@@ -82,7 +85,7 @@ with_confirmation do
    if dupe_emails.present?
      puts "#{old_address.ljust(40, " ")} DELETE (#{dupe_emails.map { "#{_1.user.name}##{_1.user.id}" }.join(", ")}, #{email.user.name}##{email.user.id})"
      email.destroy if ENV.fetch("FIX", "false").truthy?
-    elsif address.match?(/^[a-zA-Z0-9._%+-]+@([a-zA-Z0-9][a-zA-Z0-9-]{0,61}\.)+[a-zA-Z]{2,}$/)
+    elsif Danbooru::EmailAddress.is_valid?(address)
      puts "#{old_address.ljust(40, " ").gsub(/\r|\n/, "")} #{address}"
      email.user.update!(email_address_attributes: { address: address }) if ENV.fetch("FIX", "false").truthy?
    else