0001-misc-add-more-checks-on-email-address-localpart-4813.patch
src/authentic2/validators.py | ||
---|---|---|
16 | 16 | |
17 | 17 |
from __future__ import unicode_literals |
18 | 18 | |
19 |
import re |
|
19 | 20 |
import smtplib |
20 | 21 | |
21 |
import django |
|
22 | 22 |
from django.utils.deconstruct import deconstructible |
23 | 23 |
from django.utils.translation import ugettext_lazy as _ |
24 | 24 |
from django.core.exceptions import ValidationError |
... | ... | |
80 | 80 |
except smtplib.SMTPConnectError: |
81 | 81 |
continue |
82 | 82 | |
83 |
LOCALPART_FORBIDDEN_RE = re.compile(r'^(?:[./|]|.*[@%!`#&?]|.*/\.\./)') |
|
84 | ||
83 | 85 |
def __call__(self, value): |
84 | 86 |
DjangoEmailValidator()(value) |
85 | 87 | |
86 | 88 |
localpart, hostname = value.split('@', 1) |
89 |
if self.LOCALPART_FORBIDDEN_RE.match(localpart): |
|
90 |
raise ValidationError(DjangoEmailValidator.message, code=DjangoEmailValidator.code) |
|
87 | 91 |
if app_settings.A2_VALIDATE_EMAIL_DOMAIN: |
88 | 92 |
mxs = self.query_mxs(hostname) |
89 | 93 |
if not mxs: |
tests/test_validators.py | ||
---|---|---|
48 | 48 |
validate_password('12345678') |
49 | 49 | |
50 | 50 | |
51 |
def test_email_validator(): |
|
51 |
@pytest.mark.parametrize('email', ['nok', '@nok.com', 'foo@bar\x00', |
|
52 |
'foo&@bar', '|a@nok.com', 'a/../b@nok.com', |
|
53 |
'a%b@nok.com', 'a!b@nok.com', 'a#b@nok.com', |
|
54 |
'a&b@nok.com', 'a?b@nok.com']) |
|
55 |
def test_email_validator_nok(email): |
|
52 | 56 |
with pytest.raises(ValidationError): |
53 |
EmailValidator()('nok')
|
|
54 |
with pytest.raises(ValidationError): |
|
55 |
EmailValidator()('@nok.com') |
|
56 |
with pytest.raises(ValidationError): |
|
57 |
EmailValidator()('foo@bar\x00') |
|
57 |
EmailValidator()(email)
|
|
58 | ||
59 | ||
60 |
@pytest.mark.parametrize('email', ['ok@ok.com', 'a|b@ok.com', 'a/..b@ok.com']) |
|
61 |
def test_email_validator_ok(email): |
|
58 | 62 |
EmailValidator()('ok@ok.com') |
59 | 63 | |
60 | 64 | |
61 |
- |