[wp-trac] [WordPress Trac] #21570: is_email_address_unsafe() is too aggressive
    WordPress Trac 
    wp-trac at lists.automattic.com
       
    Wed Aug 29 01:58:31 UTC 2012
    
    
  
#21570: is_email_address_unsafe() is too aggressive
----------------------------------------+------------------------------
 Reporter:  mdawaffe                    |       Owner:
     Type:  defect (bug)                |      Status:  new
 Priority:  normal                      |   Milestone:  Awaiting Review
Component:  Users                       |     Version:  3.0
 Severity:  normal                      |  Resolution:
 Keywords:  has-patch needs-unit-tests  |
----------------------------------------+------------------------------
Comment (by mdawaffe):
 The form input is labelled "Banned Email Domains" and says "If you want to
 ban domains from site registrations. One domain per line.", so asking
 people to enter "@bar.com" is weird unless we change those strings.  Plus,
 the option is named "banned_email_domains" :)
 One "recent" change is [13447], which prevents the use of regular
 expressions, so the {{{preg_match()}}} should be removed unless we want to
 support crazy filters on {{{pre_option_banned_email_domains}}}.  That
 changeset isn't too relevant to this ticket except that it prevents a
 possible solution: adding {{{/\bfoo\.com/}}} to the list of Banned Email
 Domains.
 I don't think that many people are including a ".bar.com" (as opposed to a
 "bar.com") entry since ".bar.com" does not block a registration from
 "mike at bar.com", for example.
 With the current code, a "bar.com" entry has the following behavior:
 * mike at bar.com: blocked = expected
 * mike at foo.bar.com: blocked = expected
 * mike at foo-bar.com: blocked = not expected
 And a ".bar.com" entry does:
 * mike at bar.com: not blocked = expected? I don't know, see above.
 * mike at foo.bar.com: blocked = expected
 * mike at foo-bar.com: not blocked = expected
 With my patch, the "bar.com" entry does:
 * mike at bar.com: blocked = expected
 * mike at foo.bar.com: blocked = expected
 * mike at foo-bar.com: not blocked = expected
 And the ".bar.com" entry does:
 * mike at bar.com: not blocked = expected? I don't know, see above.
 * mike at foo.bar.com: blocked = expected
 * mike at foo-bar.com: not blocked = expected
-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/21570#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
    
    
More information about the wp-trac
mailing list