[hibernate-commits] [hibernate/hibernate-validator] 13e8ed: HV-1066 Don't use IDN.toASCII on the local part of...
GitHub
noreply at github.com
Tue Aug 30 08:44:07 EDT 2016
Branch: refs/heads/master
Home: https://github.com/hibernate/hibernate-validator
Commit: 13e8edb1c8f48eba87cba418af5f217efe0d4a5f
https://github.com/hibernate/hibernate-validator/commit/13e8edb1c8f48eba87cba418af5f217efe0d4a5f
Author: Guillaume Smet <guillaume.smet at gmail.com>
Date: 2016-08-30 (Tue, 30 Aug 2016)
Changed paths:
M engine/src/main/java/org/hibernate/validator/internal/constraintvalidators/hv/EmailValidator.java
M engine/src/test/java/org/hibernate/validator/test/internal/constraintvalidators/hv/EmailValidatorTest.java
Log Message:
-----------
HV-1066 Don't use IDN.toASCII on the local part of the email
Using IDN.toASCII on the local part of the email was a bad idea to begin
with, forcing us to introduce a splitting logic on top of IDN.toASCII.
Executing IDN.toASCII on each chunk of a split string is not equivalent
to executing it on the whole string, potentially opening the way for
other bugs.
Thus, we ended up doing the following:
- allow the \u0080-\uFFFF character range in the local part of the email
thus allowing local parts containing UTF-8 characters;
- only use IDN.toASCII on the domain name as it should be.
This simplifies the logic a lot and should limit the number of bugs in
this area.
In passing:
- improve the feedback in email validation tests;
- be more cautious about how we generate the domain names in tests: each
label of a domain name must be at most 63 characters long.
More information about the hibernate-commits
mailing list