Restrict email address validation (#17688)

This didn't follow the RFC but it's a subset of that. I think we should narrow the allowed chars at first and discuss more possibility in future PRs.
2025-11-04 08:30:25 +08:00 · 2022-03-15 01:39:54 +08:00
parent 49db87a035
commit 18033f49ba
9 changed files with 110 additions and 11 deletions
--- a/routers/api/v1/user/email.go
+++ b/routers/api/v1/user/email.go
@@ -80,7 +80,8 @@ func AddEmail(ctx *context.APIContext) {
 	if err := user_model.AddEmailAddresses(emails); err != nil {
 		if user_model.IsErrEmailAlreadyUsed(err) {
 			ctx.Error(http.StatusUnprocessableEntity, "", "Email address has been used: "+err.(user_model.ErrEmailAlreadyUsed).Email)
-		} else if user_model.IsErrEmailInvalid(err) {
+		} else if user_model.IsErrEmailCharIsNotSupported(err) ||
+			user_model.IsErrEmailInvalid(err) {
 			errMsg := fmt.Sprintf("Email address %s invalid", err.(user_model.ErrEmailInvalid).Email)
 			ctx.Error(http.StatusUnprocessableEntity, "", errMsg)
 		} else {